Manage threats in real-time with attacker-behavior analytics

Prevent cyber attacks; stop malware and ransomware

Vectra Networks delivers a new class of advanced threat defense that delivers real-time detection and analysis of active network intrusions. Vectra technology picks up where perimeter security leaves off by providing deep, continuous analysis of both internal and Internet-facing network traffic to automatically detect all phases of a breach as attackers attempt to spy, spread, and steal within your network.

Vectra directly analyzes network traffic in real time using a patent-pending combination of data science, machine learning, and behavioral analysis to detect attacker behaviors and user anomalies in the network. All detections are correlated and prioritized to show an attack in context, and Vectra Networks' machine learning adapts as attacks evolve.

Learn more about Vectra by downloading the data sheet.

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology


Detect all phases of an active attack

Vectra picks up where perimeter security stops by continuously analyzing all network traffic for malicious behaviors of an ongoing cyber attack. The solution detects all phases of attack including command and control, internal reconnaissance, lateral movement, ransomware activity, data exfiltration, and botnet monetization behaviors -- automatically and in real time.

Lifecycle management of ransomware attacks

Vectra directly detects the behaviors of ransomware attacks on the network, and provides staff with multiple early-warning opportunities by exposing the malicious behaviors that precede the encryption of enterprise data such as command-and- control traffic, network scanning, or spreading of additional malware.

Automatically correlate and prioritize hosts at the center of attacks

The Vectra Threat Certainty Index™ automatically consolidates all detections and confidence scores to quickly reveal the specific hosts that pose the greatest risk to the network. This enables security teams to focus on the detections that matter most, while vastly reducing the time to response for security analysts.

Detections based on data science not signatures

Vectra uses a patent-pending combination of data science, machine learning, and behavioral analysis to reveal the fundamental characteristics of malicious behavior without the need for countless signatures and reputation-based rules.

Single-click access to attack details

Vectra ensures that the proof of a detected threat is always immediately available. Whether investigating specific detections or hosts, security staff can view the underlying events that triggered the detection, view the victim's connections with other hosts and access packet captures in one click for further analysis.

Detection triage

Custom detection categories enable staff to track misconfigurations, and high-risk application or out-of-policy user behavior that can potentially enable or obscure a cyber attack.

Adaptive Distributed Architecture

The Vectra Adaptive Distributed Architecture provides a simple and efficient way to extend cybersecurity to all areas of an organization. Security teams can seamlessly monitor remote sites where attackers start as well as internal network segments that contain key assets attackers will try to steal. Vectra gives you full visibility into all network traffic and offers a unified view of cybersecurity posture.


One solution, many benefits

Simple to deploy

With a few simple instructions, the Vectra software is ready to use with no customization. Vectra listens, thinks and learns everything it needs to identify an attack at any phase.

Another brain always helps

Machine learning, data science and behavioral analytics enable Vectra to detect never-seen-before attacks at any stage across the entire attack surface of your organization.

Works for everything

Vectra performs threat detection and identifies attacks on all operating systems, applications and devices. The Vectra cloud service automatically updates platforms to detect new attack behaviors.

Intuitive adaptive reporting

Vectra provides a simple dashboard that always prioritizes the highest risk hosts in the network, any changes in a host's threat and certainty scores and any key assets that are showing signs of attack. A highly customizable reporting engine allows users to share this same information on demand or on a set schedule.

Continuous and real time

Vectra is always listening rather than scanning periodically. It detects when the attack starts, changes or subsides, and the details are always one click away.

Mobile-workforce friendly

Vectra detects threats walked into an organization everyday on personal mobile devices that prevention security systems at the perimeter never see.

Unified and Consistent Cybersecurity for the Entire Enterprise

Vectra Networks provides a scalable distributed architecture to ensure customers can maintain full visibility of their networks regardless of their organizational size or physical distribution. S-series sensors and X-series platforms provide the ability to scale to any size of network across geographically dispersed sites while delivering the centralized analysis, detection and correlation of threats so organizations have one unified view of their risk profile.

X-series Platforms

The X-series platform software can be ordered preloaded on a full-depth rack-mountable appliance designed to scale with even the largest networks. The X-series platform can be deployed as an all-in-one device to both monitor traffic and perform real-time threat detection. The X-series platform can also be deployed in combination with S-series sensors that monitor traffic with the X-series performing all detection, analysis and correlation of threats on metadata from sensors.

S-series Sensors

The S-series sensors are small, dedicated sensors that can be easily deployed in remote sites or with access switches on internal network segments. Sensors passively monitor network traffic, extract critical metadata from it and forward the metadata on to an X-series platform for threat analysis. Sensors can be deployed either in-line as a bump-in-the-wire that "fails open" or on a SPAN or TAP port. The small size and simple deployment model of the S-series ensures enterprises have comprehensive coverage throughout the network, especially to remote sites such as small offices, clinics and retail locations.

Learn about Vectra in 2 minutes

Security that thinks in action

Watch Vectra learn, detect threats and report the highest priority risks

Distributed Architecture

Extending automated real-time, cybersecurity into all corners of an organization

Data Sheet

Vectra X-series Platforms and S-series Sensor Product Data Sheet

White Paper

Network security redefined: Vectra's cybersecurity thinking machine detects and anticipates attacks in real time

Prevention security at the network perimeter provides one imperfect chance to stop an attack. Security professionals need automated real-time threat detection and prioritized risk reporting that show what an attacker is doing in their network and provide multiple opportunities to stop an attack. The Vectra X-series platform is the first to bring this level of intelligence and automation. Read this white paper to learn how.

Deployment Guide

Vectra X-series platform deployment guide

This document will help prepare for deployment, installation and configuration of a Vectra X-series platform. Discover the simplicity and ease of use.