Vectra uses artificial intelligence to improve detection and response over time, eliminating false positives so organizations can focus on real threats. The company’s automated threat detection and response platform blends human expertise with data science and machine learning techniques, delivering a continuous cycle of threat intelligence based on cutting-edge research and learning models.
The company can identify the fundamental traits that threats share, flag what is normal and abnormal in the local network and connect disparate events to reveal the larger attack narrative. Vectra begins by detecting and analyzing as many threats as possible to identify what they have in common, which requires a large-scale analysis of malicious traffic and the expertise to decide what truly matters.
Vectra’s local learning models look for indicators of important phases of an attack or attack techniques, such as that an attacker is exploring the network, evaluating hosts for attack, or using stolen credentials. The company’s model tracks events through the cyberattack kill chain, correlating them to specific hosts that show signs of threat behaviors and assimilating them into an up-to-the-moment risk score.