The Vectra cybersecurity platform:

Detect and stop attackers across your entire enterprise

From campuses to data centers to the private cloud, Vectra provides continuous, automated threat surveillance throughout the organization to proactively expose hidden and unknown cyber attackers in your network.

Our cybersecurity platform is based on a simple principle for finding hidden threats: Use an authoritative source of data and seek out the fundamental threat behaviors that attackers simply can't avoid.

To do this, Vectra relies on the only source of truth during a cyber attack -- network traffic. Only traffic on the wire reveals the truth with complete fidelity and independence. Low-fidelity sources, such as analyzing logs, only show what you've already seen, not the hidden attacks that were missed.

Vectra delivers a new way of analyzing network traffic. Instead of traditional payload inspection, Vectra uses artificial intelligence, machine learning and behavioral traffic analysis to expose the fundamental behaviors of attackers as they spy, spread, and steal in the network.

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology


The intelligence to reveal all phases of attack

Automatically expose fundamental attack behaviors in network traffic, such as remote access tools, hidden tunnels, backdoors, credential abuse, and recon tools. We continuously learn your local network environment and track all physical and virtual hosts to reveal signs of compromised devices or insider threats.

Blind-spot-free coverage

Monitor all enterprise traffic -- Internet traffic, internal network traffic and traffic within the data center -- leaving attackers with nowhere to hide. We monitor all host devices equally, including laptops, servers, BYOD, IoT, virtual assets, as well as routers, switches and firewalls that make up the physical infrastructure.

Find the biggest threats with certainty

The Threat Certainty Index consolidates thousands of events and historical context to pinpoint hosts that pose the biggest threat. Instead of generating more events to analyze, we boil down mountains of data to show what matters. Threat and certainty scores trigger notifications to your staff or a response from other enforcement points, SIEMs and forensic tools.

Security context for faster incident response

Automate the time-consuming Tier 1 analysis of individual security events and eliminate the endless hunt and search for threats. Security analysts can instantly see other devices that infected hosts communicate with and how. On-demand access to packet captures speeds-up forensic analysis so security teams can take immediate, decisive action.

Native security for your private cloud

Monitor the virtualized layer of the data center and its underlying infrastructure to detect complex attacks. Vectra virtual sensors (vSensors) ensures visibility into all traffic passing between workloads, while native integration with VMware vCenter offers an always up-to-date view of the virtual environment. Detect compromised admin credentials, back-doored infrastructure and other advanced attacks.

Full lifecycle detection of ransomware

Detect ransomware campaigns against enterprises and other organizations across all phases of an attack. By monitoring all internal network traffic, Vectra identifies in seconds the tell-tale behaviors of a ransomware attack -- command-and-control traffic, network scans and lateral movement behaviors -- before critical assets can be taken hostage.

One solution. Many benefits.

Puts your key assets first

Get real-time attack visibility and non-stop automated threat hunting to quickly find hidden cyber attacks on key assets before they cause irreparable damage. Vectra ensures that an intrusion doesn't turn into data loss, and prioritizes safety of your key assets while revealing the most significant threats.

Works for everything

Break down the silos that hold back your security team. We provide high-fidelity threat visibility across the entire network infrastructure and into the actions of all devices, including IoT and BYOD. With equal protection across all environments and hosts, Vectra brings cybersecurity across the enterprise into focus.

Empowers security teams and accelerate incident response

Respond quickly and decisively to threats by putting the most relevant information and context at your fingertips. Unlike security analytics products, we eliminate the need for manual investigations by automatically prioritizing, scoring and correlating threats with compromised hosts and key assets that are the target of an attack.

Get more from your existing security investments

Work with existing firewalls, endpoint security, network access control, and other enforcement points to automate the blocking of unknown and customized cyber attacks. Vectra also provides a definitive starting point for threat investigations, which accelerates the efficiency of SIEMs and forensic analysis tools.

A scalable, distributed architecture

The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series appliances across multiple locations for unified analysis, detection and correlation of threats.

X-series appliances

Vectra X-series software can be ordered preloaded on a full-depth rack-mountable appliance that scales to accommodate the largest networks. The X-series is deployable in three modes -- Brain, Sensor or Mixed.

In Brain mode, the X-series only receives metadata from one or more sensors. In Sensor mode, the X-series ingests traffic, extracts metadata and forwards it to another Brain or Mixed-mode X-series for processing. In Mixed mode, the X-series performs both Brain and Sensor functions.

Physical S-series sensors

Vectra S-series sensors are easily deployed at remote sites or with access switches on internal network segments to extend the reach of your Vectra deployment. These small, dedicated devices passively monitor network traffic, extract critical metadata and forward it to the Brain for analysis and attack detection.

Virtual sensors

Vectra vSensors running in VMware ESXi make it easy to extend threat detection coverage across the physical network and into virtualized data centers. Connect vSensors to any VMware vSwitch in the data center for visibility into all traffic and to detect threats that pass between workloads. Vectra also integrates with VMware vCenter for an authoritative, always up-to-date view of the virtual environment.

Learn about Vectra in 2 minutes

Security that thinks

Watch Vectra learn, detect threats and prioritize those that pose the highest risk.

Distributed architecture

Extending automated real-time cybersecurity into all corners of an organization.

Data Sheet

The Vectra cybersecurity platform

Vectra delivers real-time attack visibility and puts attack details at your fingertips to empower immediate action. Machine learning software from Vectra performs non-stop, automated threat hunting with always-learning behavioral models to quickly and efficiently find hidden and unknown attackers before they do damage.

Spec Sheet

The Vectra Distributed Architecture

The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series appliances across multiple locations for centralized analysis, detection and correlation of threats. This spec sheet includes technical specifications about S-series sensors, vSensors and the X-series appliance.

White Papers

How Vectra secures the cloud data center from cyber attacks

This white paper focuses on how to protect data centers from cyber attacks. It looks at the unique architectural and operational challenges of cyber security in the data center, examines real-world techniques and attacks from the wild, and proposes a framework for defending against them.

Network security redefined: Vectra's cybersecurity thinking machine detects and anticipates attacks in real time

Prevention security at the network perimeter provides one imperfect chance to stop an attack. Security professionals need automated real-time threat detection and prioritized risk reporting that show what an attacker is doing in their network and provide multiple opportunities to stop an attack. The Vectra X-series platform is the first to bring this level of intelligence and automation. Read this white paper to learn how.