"Maximization of time value" provided by Vectra AI

1. What is Vectra AI?

So far, I have explained the NDR market. In this article, I would like to look specifically at the Cognito platform provided by NDR vendor Vectra AI and verify its capabilities.

First, Vectra AI, Inc. is an NDR vendor headquartered in San Jose, USA, and was founded in 2011. The company currently has bases around the world and has started business in Japan. Its product, the Cognito platform, has been adopted by many customers across industries, and the company also guides customers who have security issues.

2. Features and benefits of Vectra AI

The Cognito platform provided by Vectra AI combines (1) efficient implementation, (2) automatic learning using AI, (3) detection based on security frameworks, (4) retrospective analysis by forensics, and (5) cooperation with 3rd party solutions. The biggest challenge in security operations has been a gap in time: a coordinated attacker can compromise enterprise security in hours, and often in tens of minutes, while defenders took several hundred days to notice. Vectra AI's Cognito platform implements detection logic that uses AI and security frameworks, making it possible to monitor the entire target network and detect compromises in real time. As a result, compromises inside the company can be discovered quickly, so a dramatic improvement in security levels can be expected.

NDR Platform - Cognito Platform

- Cognito is an AI-powered threat detection and response platform that provides a bird's-eye view of the internal network

3. Maximize time value

Another security challenge on the defender side can be represented in the diagram below. In the graph, the horizontal axis shows the security operation time, and the vertical axis shows the level at which threats can be recognized and detected. "1" refers to corporate security with a very simple security system. In this case, the operation time is short, but at the same time the level of threat recognition is low. As tools and services are added, capabilities improve to "2" and "3", but note that implementing too many tools lengthens the operation time, as in "3", and the response process becomes unproductive. On the other hand, "4" and "5" can greatly shorten the operation time while increasing the level of threat recognition by implementing NDR etc. This is maximizing the value of time in security operations, and it is expected to become a concern for many companies in the future.

Vectra AI - Detection that maximizes the value of time

  • Classified into 4 categories according to severity: Low/Medium/High/Critical
  • Events are continuously tracked, and critical events are promoted to “Critical” at the top right so they can be acted on quickly

4. Summary

Vectra AI is one of the leading vendors in the NDR market, capable of solving many of the current enterprise security challenges. Vectra AI enables comprehensive network detection and visibility into critical events that require a response. The following detection image illustrates the benefit of "maximizing the time value of operations in a security era that assumes intrusion".

Maximizing time value in security

  • Introducing security products tends to increase response time (1→3)
  • Leveraging NDR maximizes the time value of the response (3→5)

Introducing NDR Solution

We handle Vectra AI products as our NDR solution.

We will propose the best solution and way of using it according to the customer's requirements, so please feel free to contact us when you need it.

Contact information

Macnica

Vectra AI Product Manager

Macnica, Vectra AI team

Mon-Fri 8:45-17:30