Splunk and Vectra: Enhanced Integration for Powerful Threat Detection and Response

A key part of making sure threat detections can be seen, is by fitting into the way that security operations teams work.

The latest step Vectra has taken in this is a newly released version of our Splunk Integration.

Vectra's updated view is designed for the new network, where threats may be detected in your data center, from remote workers, in SaaS apps, or on the public cloud.

Vectra combines all of these different data sources into a single, unified pane of glass, where the top threat to your organization (across every source) is listed, so you know exactly what to action first—be it a host or an account, on the Network, or in the cloud.

Regardless of how many attack vectors you might be worried about, Vectra will show you the number one priority based on what our algorithms say requires attention—across every surface we are monitoring.

This priority is not at a detection level, but at an entity level, which is the actual actor Vectra has spotted performing suspicious activities. This could be a host in your data center, a service account in AWS, or an Azure AD user. Vectra is able to measure the threat (how bad the attack is if it’s real), and certainty (how certain we are it’s real), to create a quadrant view, from “Low” to “Critical,” and we represent these data in the product itself.

More information can be found on Vectra's website: https://bit.ly/vectra-and-splunk

Видео Splunk and Vectra: Enhanced Integration for Powerful Threat Detection and Response канала Vectra AI