What options does Vectra's EDR & XDR service offer?
Vectra offers a unified approach, combining Endpoint and Network detection capabilities into one AI-powered platform which can provide automation, correlation and threat intelligence. Our complete Managed Service, operated by our NOC and SOC specialists, adds IOC threat hunting, daily triage, maintenance and offence management.
By utilising technologies from Microsoft Sentinel, we unify all capabilities, correlate alerts from individual tools into a holistic incident, and simplify the process by reducing administrative overhead. AI and automation come in as the only technically feasible way of protecting the entire attack surface effectively and efficiently.
The Vectra XDR Platform can even integrate with your existing technologies, giving you better visibility where you don’t yet have it, while consolidating multiple capabilities under one platform.
Managed Endpoint Detection & Response
We can offer Managed EDR in a number of ways, including managing your existing environment. Vectra’s Managed EDR Service can be offered as a standalone service, or can be uplifted with the following capabilities, which all form part of our XDR Service. Our NOC & SOC staff are skilled in various vendor platforms, from CrowdStrike, Trend Micro and Microsoft to IBM's ReaQta.
Managed Threat Hunting
Cyber Threat Hunting is an active information security strategy used by Vectra Cyber Security Analysts.
It consists of searching through networks to detect indicators of compromise (IoCs), hacker tactics, techniques, and procedures (TTPs), and threats such as Advanced Persistent Threats (APTs) that are evading your existing security system. Vectra uses a combination of threat intelligence and data from IBM X-Force, CrowdStrike Threat Intelligence, other worldwide reporting agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC), and vulnerability data provided by Tenable.
Our Threat Hunting Activities include:
- Hunting for insider threats or external attackers.
- Proactively searching for known IoCs and adversaries.
- Searching for hidden threats and vulnerabilities to prevent attacks. We use UEBA to detect user anomalies.
Managed Vulnerability Scanning
Vectra’s managed vulnerability service, which utilises the leading vulnerability scanning platform, scans your environment to identify security weaknesses. Predictive Prioritisation enables us to zero in on remediating the vulnerabilities that matter most.
MITRE ATT&CK Alignment
Our XDR SIEM is integrated into the MITRE ATT&CK framework. Vectra XDR Alerts are aligned to the MITRE ATT&CK framework out of the box, allowing our analysts to understand current security coverage and determine how to improve it.
When looking at the constantly changing threat landscape, it’s essential to understand our own blind spots and how well we’re covered against specific threats.
XDR Platform Features & Integrations
Vectra’s XDR platform not only provides our analysts with a single pane of glass to work from, but also aggregates data from all security infrastructure, including firewalls, EDRs, CASBs, vulnerability risk management, public clouds, threat intelligence, user activity database and more.
Vectra XDR provides 360 degree visibility across all these tools, adds broader context by bringing in additional actionable insights, helps spot the most complex attacks, and reduces detection and response from days to minutes through cross-correlation and tight integration with them.
Vectra believes that threat defenders can benefit from using integrated SIEM and XDR tools for end-to-end visibility and prioritised actionable insights across all your enterprise assets.
We are committed to delivering the best-integrated experience with the broadest coverage of resources to help simplify your cyber security defences.
One platform, many components:
- Log management & retention (SIEM)
- Network Detection & Response, through flow data
- Threat Intelligence Feeds, including adding your own
- Machine Learning and AI
- Security Orchestration, Automation and Response (SOAR)
- Managed & Automated Threat Hunting
Bring your EDR – turn it into XDR by adding any or all of the above!