Vectra AI has announced the availability of its Cognito platform in the Microsoft Azure Marketplace, and the Amazon Web Services (AWS) Marketplace.
The agreement with Microsoft will allow organizations interested in using the Vectra Cognito platform across cloud, data center, networks and IoT/OT to now test or purchase Cognito on Azure Marketplace using their pre-existing agreements with Microsoft.
The AWS partnership will allow AWS customers worldwide to deploy Vectra’s suite of solutions through their AWS Enterprise Discount Plan for seamless procurement at a reduced rate. The accelerated purchasing process ensures fast time-to-value for customers leveraging Vectra solutions to gain real-time security, operational and cost management insights across their hybrid AWS environment.
Account takeover in Office 365 has become the largest security threat vector in the cloud. The strategic approach allows the attacker to gain access to the data and privileges associated with the compromised account and then work their way laterally through the network. The Cognito platform accelerates threat detection, investigation, and response using AI to enrich cloud logs and network metadata. Once enriched, the data is collected and stored with the right context to detect, hunt, and investigate known and unknown threats in real-time.
Vectra offers four applications on the Cognito platform to address these high-priority use cases:
• Cognito Detect for Office 365 and Azure AD finds and stops attacks in enterprise SaaS applications and the Microsoft 365 Ecosystem. The application offers visibility into Power Automate, Teams, eDiscovery, Compliance Search, Azure AD backend, Exchange, SharePoint, third party SaaS providers and more.
• Cognito Detect provides the fastest most efficient way to prioritize and stop attacks across cloud, data center, applications, and workloads, as well as user & IoT devices and accounts.
• Cognito Stream sends security-enriched metadata to data lakes and SIEMs in Zeek-format.
• Cognito Recall is a cloud-based application that stores and investigates threats in enriched metadata.
Azure users of Vectra’s Cognito platform can combine cloud and data center detections with in-depth information from Microsoft Defender for Endpoint for greater context and stop attacks at the endpoint. Cognito is also seamlessly integrated with Azure Sentinel to create custom workbooks for enhanced investigation, correlation, and automation.
For AWS users, Vectra’s Cognito platform integrates with AWS virtual private cloud (VPC) traffic mirroring to monitor all infrastructure-as-a-service traffic. Cognito also integrates with AWS Security Hub to publish Vectra detections as findings in Security Hub, enabling security teams to correlate Vectra attacker detections with other data sources for faster threat hunting and incident investigations.
“Vectra is focused on making things easier for its customers. Whether that requires helping security teams see and stop the most sophisticated cyberattacks at scale, or making it quick and easy to find, buy and deploy industry-leading threat detection and response technology,” said Randy Schirman, Vice President at Vectra AI. “For companies that rely on the global footprint, scalability, reliability and agility of Microsoft Azure and AWS, we now offer a one-stop shopping experience via a pre-approved and preferred purchasing channel.”
Vectra’s Cognito platform is now available worldwide on the Microsoft Azure and AWS Marketplaces. Purchases made through the two marketplaces also help streamline billing and procurement for joint customers.