By mindflow

Vectra Threat Detection and Response was integrated by Mindflow to enable users to automate their incident management and better protect their information system.

Vectra Overview

Vectra provides a Threat Detection and Response Platform. Using the solution, you can capture data from different points in your systems to get the best context out of every detection. Once captured, Vectra uses its proprietary AI to detect threats and provides responses designed for the hybrid and multi-cloud enterprise.

Using the solution, users can capture data from:

The public cloud: relevant logs are captured using API calls (read-only permissions). You can map your infrastructure and detect potential compromises due to misconfiguration, credential theft, and supply, stopping them from becoming breaches.

Identity data: the solution also captures identity data to find compromised AD accounts accessing federated apps and services such as Microsoft 365, Salesforce, AWS, or VPNs. It uses Kerberos traffic, Windows event log ingestion, and the Azure Active Directory Graph API.

SaaS tools: relevant logs from your SaaS stack are captured using API calls (read-only). You can thus find and stop attacks on data in Microsoft 365 applications like SharePoint, OneDrive, Teams, Exchange, and more.

Network traffic: finally, you can capture network traffic by deploying cloud, virtual, or physical sensors. This way, you can detect threats that bypass data center security controls.

As noted above, the captured data is then analyzed: Vectra extracts metadata elements, to which it applies proprietary AI to detect attacker methods in every domain, mapped to the MITRE D3FEND framework. This provides:

In-depth coverage for attacker behavior in SaaS, Identity, and Cloud.

Rich narrative and contextualization for investigation.

A comprehensive view of your attack surface at every level to detect configuration and compliance risks.

AI-driven attack prioritization to triage and escalate only relevant threats to SecOps.

Security-led AI combines security research and AI mapping to MITRE D3FEND to deploy standardized countermeasures.

