Managed eXtended Detection & Response

What options does Vectra's EDR & XDR service offer?

Vectra offers a unified approach, combining Endpoint and Network detection capabilities into one AI powered platform. which can provide automation, correlation and threat intelligence. Our complete Managed Sevice, operated by our NOC and SOC specialists add IOC threat hunting, daily triage, maintenance and offence management.

By utilising technologies from Microsoft Sentinel, we unifiy all capabilities together, correlate alerts from individual tools into a holistic incident, and simplify the process by reducing administrative overhead. AI and automation come in as the only technically feasible way of protecting the entire attack surface effectively and efficiently.

The Vectra XDR Platform can even integrate with your existing technologies, giving you better visibility where you don’t yet have it, while consolidating multiple capabilities under one platform.

Managed Endpoint Detection & Response

We can offer Managed EDR in a number of ways, including managing your existing environment. Vectra’s Managed EDR Service can be offered as a stand alone service, or can be uplifted with the following capabilties which all form part of our XDR Service. Our NOC & SOC staff are skilled in various vendor platforms from Crowdstrike, Trend Micro, Microsoft, and IBM‘s ReaQta.

Managed Threat Hunting

Cyber Threat Hunting is an active information security strategy used by Vectra Cyber Security Analysts.

It consists of searching through networks to detect indicators of compromise (IoCs), hacker tactics, techniques, and procedures (TTPs), and threats such as Advanced Persistent Threats (APTs) that are evading your existing security system. Vectra uses a combination of threat intelligence and data from IBM X-Force, Crowdstrike Threat Intelligence, other worldwide reporting agencies such as the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC), and vulnerability data provided by Tenable.

Our Threat Hunting Activities include:

Hunting for insider threats or external attackers.
Proactively searching for known IoCs, and Adversaries.
Search for hidden threats and vulnerabilities to prevent attacks. We use UEBA to detect user anomalies.

Vectra Cyber Security Analysts routinely conduct Threat Hunting and maintain a register for areas of investigation.

Managed Vulnerability Scanning

Vectra’s managed vulnerability service which utilises the leadeing vulnerability scanning platform, scans your environment to identify security weaknesses. Predictive Prioritisation enables us to zero in on remediating the vulnerabilities that matter most.

Mitre ATT&CK Allignment

Our XDR SIEM is integrated into the MITRE ATT&CK framework. Vectra XDR Alerts are aligned to the Mitre ATT&CK framework, out of the box, allowing our analysts to understand current security coverage and determining how to improve it.

When looking at the constantly changing threat landscape, it’s essential to understand our own blind spots and how well we’re covered against specific threats.

XDR Platform Features & Integrations

Vectra’s XDR platform, provides our analysts with not only a single pane of glass to work from – but we can aggregate data from all security infrastructure including firewalls, EDRs, CASBs, vulnerability risk management, public clouds, threat intelligence, user activity database and more.

Vectra XDR provides 360 degree visibility across all these tools, adds broader context bringing in additional actionable insights, helps spot the most complex attacks and reduces detection and response from days to minutes through cross correlation and tightly-integration with them.

Vectra believes that threat defenders can benefit from using integrated SIEM and XDR tools for end-to-end visibility and prioritised actionable insights across all your enterprise assets.

We are committed to delivering the best-integrated experience with the broadest coverage of resources to help simplify your cyber security defences.

One platform, many components;

Log management & retention (SIEM)
Network Detection & Response, through flow data
Threat Intellignece Feeds, including adding your own
Machine Learning, and AI
Security Orchestration, Automation and Response (SOAR )
Managed & Automated Threat Hunting

Bring your EDR – turn in into XDR by adding any or all of the above!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.