Vectra AI

The fastest way to detect and stop cyber attackers – from users and IoT devices to data centers and the cloud.

Vectra AI combines human proficiency and advanced threat research with a broad set of data science and modern machine learning techniques to provide automated threat detection, triage and correlation 24/7 across the entire enterprise.

Vectra cuts detection times and costs by automating data collection, threat detection, analysis and response functions. This gives security operations teams actionable information to stop attacks fast.

By leveraging AI to automate the manual, time-consuming Tier-1 analysis of security events, Vectra condenses weeks or months of work into minutes, reducing the time spent on threat investigations by up to 90% so SOC teams can focus on data loss prevention and mitigation.

Features you need

  • The intelligence to reveal all phases of attack

    Automatically expose fundamental attack behaviors in network traffic, such as remote access tools, hidden tunnels, backdoors, credential abuse, and recon tools. We continuously learn your local network environment and track all physical and virtual hosts to reveal signs of compromised devices or insider threats.

  • Blind-spot-free threat coverage

    Monitor all enterprise traffic – Internet traffic, internal network traffic and traffic within the data center – leaving attackers with nowhere to hide. We monitor all host devices equally, including laptops, servers, BYOD, IoT, virtual assets, as well as routers, switches and firewalls that make up the physical infrastructure.

  • Find the biggest threats with certainty

    The Threat Certainty Index™ consolidates thousands of events and historical context to pinpoint hosts that pose the biggest threat. Instead of generating more events to analyze, we boil down mountains of data to show what matters. Threat and certainty scores trigger notifications to your staff or a response from other enforcement points, SIEMs and forensic tools.

  • Security context for faster response

    Automate the time-consuming Tier 1 analysis of individual security events and eliminate the endless hunt and search for threats. Security analysts can instantly see other devices that infected hosts communicate with and how. On-demand access to packet captures speeds up forensic analysis so security teams can take immediate, decisive action.

  • Native security for your private cloud

    Monitor the virtualized layer of the data center and its underlying infrastructure to detect complex attacks. Vectra virtual sensors (vSensors) ensure visibility into all traffic passing between workloads, while native integration with VMware vCenter offers an always up-to-date view of the virtual environment. Detect compromised admin credentials, back-doored infrastructure and other advanced attacks.

  • Full lifecycle detection of ransomware

    Detect ransomware campaigns against enterprises and other organizations across all phases of an attack. By monitoring all internal network traffic, Vectra identifies in seconds the tell-tale behaviors of a ransomware attack -- command-and-control traffic, network scans and lateral movement behaviors -- before critical assets can be taken hostage.

One solution. Many benefits.

  • Puts your key assets first

    Get real-time attack visibility and non-stop automated threat hunting to quickly find hidden cyber attacks on key assets before they cause irreparable damage. Vectra ensures that an intrusion doesn't turn into data loss, and prioritizes the safety of your key assets while revealing threats that pose the highest risk.

  • Works for everything

    We deliver high-fidelity threat visibility to every corner of the enterprise, to virtualized data centers and into the actions of every network device, including IoT and BYOD. With equal protection across all environments and hosts, Vectra brings the fight against cyber attackers into focus wherever you do business.

  • Empowers security teams and accelerates incident response

    Respond quickly and decisively to threats by putting the most relevant information and context at your fingertips. Unlike security analytics products, we eliminate manual investigations by automatically prioritizing and correlating threats with compromised hosts and key assets that are the target of an attack.

  • Get more from your existing security investments

    Vectra works with your next-generation firewalls, endpoint response and other enforcement points to automatically block unknown and customized cyber attacks. Vectra also provides a clear starting point for threat investigations, which accelerates the efficiency of SIEMs and forensic analysis tools.

The Vectra architecture

  • Scalable and distributed

    The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series software across multiple locations for unified analysis, detection and correlation of threats.

  • X-series software

    Vectra X-series software can be ordered preloaded on a full-depth rack-mountable appliance that scales to accommodate the largest networks. The X-series is deployable in three modes – Brain, Sensor or Mixed.

    In Brain mode, the X-series only receives metadata from one or more sensors. In Sensor mode, the X-series ingests traffic, extracts metadata and forwards it to another Brain or Mixed-mode X-series for processing. In Mixed mode, the X-series performs both Brain and Sensor functions.

  • S-series sensors

    Vectra S-series sensors are easily deployed at remote sites or with access switches on internal network segments to extend the reach of your Vectra deployment. These small, dedicated devices passively monitor network traffic, extract critical metadata and forward it to the Brain for analysis and attack detection.

  • Virtual sensors

    Vectra vSensors running in VMware ESXi make it easy to extend threat detection coverage across the physical network and into virtualized data centers. Connect vSensors to any VMware vSwitch in the data center for visibility into all traffic and to detect threats that pass between workloads. Vectra also integrates with VMware vCenter for an authoritative, always up-to-date view of the virtual environment.

Learn about Vectra in two minutes

It’s security that thinks®

Watch Vectra learn, detect threats and prioritize those that pose the highest risk.

Distributed architecture

Extending automated real-time cybersecurity into all corners of an organization.

Data Sheet

The Vectra cybersecurity platform

Vectra delivers real-time attack visibility and puts attack details at your fingertips to empower immediate action. Machine learning software from Vectra performs non-stop, automated threat hunting with always-learning behavioral models to quickly and efficiently find hidden and unknown attackers before they do damage.

Spec Sheet

The Vectra distributed architecture

The scalable, distributed Vectra architecture enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series appliances across multiple locations for centralized analysis, detection and correlation of threats. This spec sheet includes technical specifications about S-series sensors, vSensors and the X-series appliance.