Vectra AI, a leader in cloud and network detection and response
(NDR), has released extended native endpoint detection and response (EDR)
integration support in the Cognito platform to improve the experience for
users of the security tools and procedures they already have deployed. By
unifying the NDR and EDR experience in a single UI, users get fast, simple,
turnkey integrations that offer comprehensive security coverage across the
enterprise, IoT devices, hybrid cloud, and cloud-native applications. To build
on this coverage, Vectra adds support for VMware Carbon Black EDR, VMware Carbon Black
Cloud, SentinelOne Singularity, and FireEye Endpoint Security to its extensive list of
native EDR integration partners, which includes CrowdStrike and Microsoft Defender for Endpoint.
With these integrations, users gain the unique ability to
respond automatically with Vectra Host Lockdown. Host Lockdown enables the Vectra
Cognito platform to automatically disable hosts that demonstrate suspicious
activity at the endpoint, and gives analysts the option to manually disable hosts
during a security investigation. Disabling a host will significantly slow down
an active attack by limiting an attacker's access to additional resources. This
drastically curtails the attack's reach and gives the Security Operations
Center (SOC) more time to investigate and remediate attacks.
"Vectra has always recognized the need to integrate
with the best-of-breed security solutions and leads the way with over 34
integrations, of which ten are with EDR vendors," said Jose Malacara,
Sr. Product Manager. "We are committed to offering customers support
for their existing tools while expanding their visibility beyond endpoint to
network and cloud with the automatic, AI-driven response that makes Cognito so
appealing to SOC teams."
Modern ransomware and supply chain attacks highlight the need
for threat detection not only at the endpoint but also at the network and in the cloud. While other NDR vendors
have limited integrations, Vectra is building, and will continue to build, an open
platform that's rooted in collaboration and gives organizations complete
visibility. These strategically integrated workflows eliminate shifting between
security products, so SOC teams can see and stop threats before they become
breaches.
According to 451 Research's Voice of the Enterprise Key Workloads and Projects Advisory
report released last September, enterprises have on average 2.97
endpoint solutions deployed to combat discrepancies in traditional measures
highlighted by recent work-from-home conditions. To hold their own against the
current threat landscape, it is critical for organizations to have an NDR
solution that integrates with a variety of EDR vendors so that full visibility
and automated response can be achieved.