The Vectra cybersecurity platform
Detect and stop attackers across your entire enterprise
From campuses to data centers to the private cloud, Vectra provides continuous, automated threat surveillance throughout the organization to proactively expose hidden and unknown cyber attackers in your network.
Our cybersecurity platform is based on a simple principle for finding hidden threats: Apply artificial intelligence to the most authoritative source of data and seek out the fundamental threat behaviors that attackers simply can't avoid.
Instead of using traditional payload inspection, Vectra relies on the only source of truth and fidelity during a cyber attack – network traffic. Logs and other low-fidelity sources are unable to detect hidden attacks in progress.
Using artificial intelligence, Vectra combines data science, modern machine learning techniques and behavioral analysis to expose the fundamental actions of cyber attackers as they spy, spread, and steal in the network.
Features you need
The intelligence to reveal all phases of attack
Automatically expose fundamental attack behaviors in network traffic, such as remote access tools, hidden tunnels, backdoors, credential abuse, and recon tools. We continuously learn your local network environment and track all physical and virtual hosts to reveal signs of compromised devices or insider threats.
Blind-spot-free threat coverage
Monitor all enterprise traffic – Internet traffic, internal network traffic and traffic within the data center – leaving attackers with nowhere to hide. We monitor all host devices equally, including laptops, servers, BYOD, IoT, virtual assets, as well as routers, switches and firewalls that make up the physical infrastructure.
Find the biggest threats with certainty
The Threat Certainty Index™ consolidates thousands of events and historical context to pinpoint hosts that pose the biggest threat. Instead of generating more events to analyze, we boil down mountains of data to show what matters. Threat and certainty scores trigger notifications to your staff or a response from other enforcement points, SIEMs and forensic tools.
Security context for faster response
Automate the time-consuming Tier 1 analysis of individual security events and eliminate the endless hunt and search for threats. Security analysts can instantly see other devices that infected hosts communicate with and how. On-demand access to packet captures speeds-up forensic analysis so security teams can take immediate, decisive action.
Native security for your private cloud
Monitor the virtualized layer of the data center and its underlying infrastructure to detect complex attacks. Vectra virtual sensors (vSensors) ensures visibility into all traffic passing between workloads, while native integration with VMware vCenter offers an always up-to-date view of the virtual environment. Detect compromised admin credentials, back-doored infrastructure and other advanced attacks.
Full lifecycle detection of ransomware
Detect ransomware campaigns against enterprises and other organizations across all phases of an attack. By monitoring all internal network traffic, Vectra identifies in seconds the tell-tale behaviors of a ransomware attack -- command-and-control traffic, network scans and lateral movement behaviors -- before critical assets can be taken hostage.
One solution. Many benefits.
Puts your key assets first
Get real-time attack visibility and non-stop automated threat hunting to quickly find hidden cyber attacks on key assets before they cause irreparable damage. Vectra ensures that an intrusion doesn't turn into data loss, and prioritizes the safety of your key assets while revealing threats that pose the highest risk.
Works for everything
We deliver high-fidelity threat visibility to every corner of the enterprise, to virtualized data centers and into the actions of every network device, including IoT and BYOD. With equal protection across all environments and hosts, Vectra brings the fight against cyber attackers into focus wherever you do business.
Empowers security teams and accelerate incident response
Respond quickly and decisively to threats by putting the most relevant information and context at your fingertips. Unlike security analytics products, we eliminate manual investigations by automatically prioritizing and correlating threats with compromised hosts and key assets that are the target of an attack.
Get more from your existing security investments
Vectra works with your next-generation firewalls, endpoint response and other enforcement points to automatically block unknown and customized cyber attacks. Vectra also provides a clear starting point for threat investigations, which accelerates the efficiency of SIEMs and forensic analysis tools.
The Vectra architecture
Scalable and distributed
The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series software across multiple locations for unified analysis, detection and correlation of threats.
Vectra X-series software can be ordered preloaded on a full-depth rack-mountable appliance that scales to accommodate the largest networks. The X-series is deployable in three modes – Brain, Sensor or Mixed.
In Brain mode, the X-series only receives metadata from one or more sensors. In Sensor mode, the X-series ingests traffic, extracts metadata and forwards it to another Brain or Mixed-mode X-series for processing. In Mixed mode, the X-series performs both Brain and Sensor functions.
Vectra S-series sensors are easily deployed at remote sites or with access switches on internal network segments to extend the reach of your Vectra deployment. These small, dedicated devices passively monitor network traffic, extract critical metadata and forward it to the Brain for analysis and attack detection.
Vectra vSensors running in VMware ESXi make it easy to extend threat detection coverage across the physical network and into virtualized data centers. Connect vSensors to any VMware vSwitch in the data center for visibility into all traffic and to detect threats that pass between workloads. Vectra also integrates with VMware vCenter for an authoritative, always up-to-date view of the virtual environment.
Learn about Vectra in two minutes
It’s security that thinks®
Watch Vectra learn, detect threats and prioritize those that pose the highest risk.
Extending automated real-time cybersecurity into all corners of an organization.
Vectra delivers real-time attack visibility and puts attack details at your fingertips to empower immediate action. Machine learning software from Vectra performs non-stop, automated threat hunting with always-learning behavioral models to quickly and efficiently find hidden and unknown attackers before they do damage.
The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series appliances across multiple locations for centralized analysis, detection and correlation of threats. This spec sheet includes technical specifications about S-series sensors, vSensors and the X-series appliance.
This white paper focuses on how to protect data centers from cyber attacks. It looks at the unique architectural and operational challenges of cyber security in the data center, examines real-world techniques and attacks from the wild, and proposes a framework for defending against them.
Prevention security at the network perimeter provides one imperfect chance to stop an attack. Security professionals need automated real-time threat detection and prioritized risk reporting that show what an attacker is doing in their network and provide multiple opportunities to stop an attack. The Vectra X-series platform is the first to bring this level of intelligence and automation. Read this white paper to learn how.
This compliance brief highlights key components of the NIST cybersecurity framework and explains in detail how the Vectra cybersecurity platform addresses these key components. Vectra provides operators of critical infrastructure with real-time automated threat hunting and incident response across the entire enterprise.
An adaptive security architecture, as described by Gartner, encompasses four vitally important capabilities – prevention, detection, response and prediction – all of which must work in concert. Vectra addresses the need for an adaptive security architecture by providing continuous, automated threat hunting across the entire enterprise network.