Vectra exposes cyber attacker backdoors in the data center

Learn more

Vectra named Most Innovative Emerging Company

Learn more

Learn how attackers can use a printer to spread malware

Vectra Threat Labs discovers a critical Microsoft Windows vulnerability

Find out how

Detect ransomware in seconds

Learn more now

2016 Post-Intrusion Report

Attackers know when they're being watched and are blending in with users and common network traffic.

Download the Report

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology.

Register Now



Up and running in minutes. Vectra learns everything it needs to know.


Continuous threat monitoring instantly identifies any phase of a cyber attack.


The Threat Certainty Index™ prioritizes the most serious threats in your network.


Learns new threat behaviors and adapts to your ever-changing network.


Cyber Attack of the Clones
28 November 2016

As the holidays roll in, there are going to be a lot of Internet-enabled devices gifted, from Star Wars Droids to fridges that know what you eat better than you do. Attackers are happy. New devices mean bigger clone armies. In previous research from the Vectra Threat Labs, we learned that seemingly innocuous vulnerabilties can become serious problems in the context of the Internet of Things (IoT). IoT is the unattended attack surface. The recent public release of source code for malware named "Mirai" has proven exactly that. Mirai continuously scans the Internet for IoT devices using factory default usernames and passwords, primarily CCTV and DVRs. More

View More Blog Posts

News & Media

Bigger walls won't keep data safe
TMCnet | 6 December 2016

For years, the security community focused on perimeter defenses, but ensuring all is well requires more than building a bigger wall. Hackers only need about 146 days to spy, spread and steal, according to Mike Banic, vice president of marketing at Vectra. And it only takes about three days for an attacker to gain administrative credentials. More

Where cybercriminals go to buy your stolen data
Dark Reading | 5 December 2016

Darknet website AlphaBay sells tens of thousands of items related to malware, exploits, hacked accounts, stolen credentials, and hacking services. Christopher Doman, a threat analyst at Vectra, talks about the AlphaBay market and forum and explains the various ways this information can be used for nefarious purposes. More

Evaluating AI-powered threat detection technologies
IT Security Guru | 2 December 2016

Unlike signature-based detection systems, today’s AI-powered security technologies are rarely suited to a plug-it-in-and-watch-it-light-up evaluation strategy. They often include a mix of supervised and unsupervised machine learning, automated threat hunting, trained classifiers, and focus on reducing erroneous and unactionable alerts. More

Compliance doesn’t equal security but it sure does help
SC Media | 29 November 2016

As more business decisions rely on big data analytics, cybercriminals have greater incentive to pollute the incoming data to alter decisions or make them predictable so they can be monetized, says Vectra CTO Oliver Tavakoli. This can cause a hedge fund to buy or sell a stock. “Criminals can make large sums of money front-running the transaction.” More

DHS hiring puts into question the cybersecurity skills shortage
SearchSecurity/TechTarget | 23 November 2016

"Everyone with a newly minted computer science degree is being encouraged to get into cybersecurity, as the lack of candidates is driving up salaries," says Vectra CSO Günter Ollmann. Although the U.S. Department of Homeland Security event "was pitched under the banner of cybersecurity, it is not clear what jobs were actually being filled." More

What will the next ransomware note say?
ITSPmagazine | 23 November 2016

In 2017, ransomware will be used with other techniques for blended attacks, says Vectra CSO Günter Ollmann. Despite ransomware detection improvements made in 2016, most organizations still do not have a sufficient offline backup strategy to restore files, whether the ransom is paid or the attacker provides the encryption key. More

Cybersecurity predictions for 2017
VMblog | 22 November 2016

Alex Waterman, senior director of product management at Vectra, predicts that cybercriminals will step up their efforts to corral legions of unprotected IoT devices to mount even more sophisticated attacks. Also, the attack tools published by the Shadow Brokers hacking group will be used against the data center’s vulnerable physical infrastructure. More

How AI will transform cybersecurity
VentureBeat | 22 November 2016

The challenge of detecting attack behaviors in network traffic is immense. Finding correlations across protocols without intrusive deep packets inspection requires analyzing thousands of correlations between metadata from internal and external network traffic. A few companies are using AI technology to tackle this challenge, including Vectra. More

Who has the most impact in driving security advancement?
CSO Online | 22 November 2016

"The CISO usually becomes the person who drives both the strategy and the budget," says Vectra CEO Hitesh Sheth. "They usually have a team." It's often seen in the Fortune 50 companies that "the CISO is still heavily involved, but the board is involved as well. It has become a regular topic among the board of directors." More

Passcode influencers: Trump won’t improve cybersecurity
The Christian Science Monitor | 21 November 2016

"Just as hacking, cybersecurity and email breaches have been core to the election process, they will continue to grow and affect the U.S. government," says Vectra CSO Günter Ollmann. "Hence, in Trump's presidency, the U.S. government and agencies will have their hands forced in dealing with this invasive hacking epidemic. More

Camouflaging state-sponsored malware attacks
RSA Conference | 21 November 2016

Most organizations continue to struggle with malware-based intrusions, according to this column written by Vectra CSO Günter Ollmann. Despite the deployment of policies, user education, enforcement chokepoints, data inspection, and regular assessments of defenses, malware remains the primary method of breaching the corporate network. More

Election 2016: The bungling of big data
IT Security Guru | 21 November 2016

The accuracy of polling results failed miserably in the 2016 election. From a data science perspective, what are the lessons learned from the big data polling blunders in election predictions? The lesson is all about using the right data for the problem at hand, and not about questioning if the data is right. The same applies for cybersecurity. More

Three mobile cyber attack: 6 million customers’ details exposed
Information Security Buzz | 21 November 2016

“It’s troubling that the breach was discovered only after receiving complaints from customers that scammers were fishing for their bank account details," says Vectra CTO Oliver Tavakoli. "With the availability of real-time detection methods today that identify what’s happening at any given moment, this lack of awareness is shocking." More

Data integrity: The next big threat
SC Magazine | 18 November 2016

Vectra CTO Oliver Tavakoli explains to SC Magazine that the variety, volume and velocity inherent in big data makes it difficult to ensure integrity of all of the data. To combat this challenge, Tavakoli encourages organizations to always pay attention to where the data is coming from and to encrypt the data. More

IT Sicherheit – Intelligente Abwehr
VDI Nachrichten | 14 November 2016

Traditionelle IT-Sicherheitslösungen gelangen an ihre Grenzen und können keinen ausreichenden Schutz mehr bieten. Im Zuge dieser Entwicklung setzt sich die künstliche Intelligenz (KI) als neuartiger Sicherheitsansatz immer weiter durch. Oliver Tavakoli, CTO bei Vectra berichtet in einem aktuellen Beitrag auf VDI Nachrichten, worin die Vorteile des maschinellen Lernens liegen. More

Unfilled jobs are the biggest threat to cybersecurity
ThirdCertainty | 10 November 2016

A global shortage of expertise lies at the heart of the infosec world’s ability to respond to attacks and has considerable effect on vendors and consumers alike. Vectra CSO Günter Ollmann explains why unfilled jobs are the biggest threat to the cybersecurity industry, and identifies three ways to approach the problem. More

Brute force: Understanding automated cyber attacks
The Realtime Report | 9 November 2016

Every new technology that guards against cyberattacks forces hackers to evolve. Automated attacks are now capable of learning to use an application and carrying out its basic functions. For example, Wade Williamson, director of threat research at Vectra, says banking malware can transfer money belonging to a compromised account. More

Vectra Networks appoints security industry executive Kevin Moore to lead worldwide sales
Vectra Press Release | 8 November 2016

Vectra Networks, the leader in automated threat management, today announced that Kevin Moore, a noted sales veteran in the security industry, was appointed senior vice president of worldwide sales. In this role, he is responsible for all direct and channel sales globally. More

IoT security tips to protect your small business
Small Business Computing | 8 November 2016

"You should keep Internet-enabled devices – like video cameras—on a separate network from the primary business network that deals with customer financial transactions, like point of sale systems, intellectual property, or any form of regulated data," said Chris Morales, head of security analytics at Vectra. More

The worst people you meet in IT security: The 'ever-helpful'
CSO | 7 November 2016

Vectra CSO Günter Ollmann chastises "the person who holds open a secure door for a slow moving 'employee' without checking for a badge. One of the easiest ways to infiltrate a secure building or data center is to appear encumbered (e.g., having both hands full with boxes) and wait for an authorized person to open the door for you." More

What these CSOs did on their first days
CSO | 3 November 2016

Vectra CSO Günter Ollmann weighs in on the most vital areas of focus for new CSOs during their first weeks on the job and shares advice for prioritizing problem areas. Ollmann also shares two different yet critically important perspectives on security – vendor and non-vendor – and what to take care of on day one. More

How to stop the Mirai botnet: Can blocking Port 23 fight further DDoS attacks?
International Business Times | 3 November 2016

One of the biggest reasons we now have the Mirai botnet is that "the (IoT) manufacturers are trying to save money and reduce the time to market, and only after the product has been proven to be popular do they go back and add security to it," Vectra CSO Günter Ollmann tells the International Business Times. More

View All News & Events


Upcoming Events

Data Connectors, Chicago

14 December 2016 - Chicago

The Chicago Suburbs Tech-Security Conference features 40-60 vendor exhibits and 8-12 educational speaker sessions discussing current tech-security issues such as cloud security, email and social media security, VoIP, LAN security, wireless security, USB drives security and more.
Register Today.

View all events »