Company: Vectra, San Jose, CA
Entry Submitted By: BaySide Media
Company Description: Vectra offers the fastest way to detect and stop hidden cyberattackers – from cloud and data center workloads to user and IoT devices.
Nomination Category: New Product & Service Categories - Software
Nomination Sub Category: New Product or Service of the Year - Software - Artificial Intelligence/ Machine Learning Solution
Nomination Title: Vectra AI
Tell the story about this nominated product or service (up to 650 words). Describe its function, features, benefits, and performance to date:
Cyberattackers operate undetected for an average of 99 days, but obtain administrator credentials in less than three days, and 53% of attacks are discovered only after notification from an external party (Mandiant M-Trends Report 2017).
Threats are highly complex, multi-stage attacks that are difficult to pinpoint. Security operations center (SOC) teams deal with mountains of alerts. Security analysts must chase down every alert – contributing to significant alert fatigue – without knowing which alerts represent a critical threat. Most SOC teams review only a small fraction of the total, which often turn out to be noncritical or false positives.
At the same time, security leaders face a massive skills and human resource gap. It’s estimated that there are more than 1 million cybersecurity positions unfilled – growing to 1.5 million by 2019 (cybersecurityventures.com/jobs).
Vectra is transforming cybersecurity with AI.
The Cognito™ threat detection and response platform from Vectra® automates the hunt for cyberattackers and speeds up incident response.
Using artificial intelligence (AI), Cognito automates the real-time detection and response to in-progress cyberattacks hiding inside enterprise networks. Cognito is the fastest way to find and stop active threats – from cloud and data center workloads to user and internet-of-things devices.
The Vectra Cognito approach to threat detection blends human expertise with a broad set of data science techniques and machine learning algorithms, including supervised (pre-trained) and unsupervised machine learning that leverage deep learning and neural networks. Combined, they reduce the amount of human intervention and analysis ordinarily required, enabling Cognito to deliver continuous threat intelligence to detect and respond to in-progress cyberattacks in real time.
The Vectra data science and threat research teams take unexplained phenomena seen in customer networks and dig deeper to find the underlying reasons for the observed behavior. Vectra Threat Lab researchers identify, investigate and report a wide range of cyberattacks, security vulnerabilities and threat behaviors that largely go unnoticed by most security teams. With data sets from the research team, data scientists develop the attacker detection algorithms behind Cognito. With a diverse history of applying cutting-edge AI to different problems, the Vectra team is extremely agile in a constantly changing threat landscape.
Cognito connects the dots of attacker behaviors.
For security analysts and security operations teams, Cognito provides an ongoing, complete and integrated view that reveals complex multistage attacks as they unfold inside enterprise networks.
Cognito triages, scores and correlates threats to hosts, and correlates attack behaviors to provide the narrative of developing attacks. Threats are prioritized on Cognito’s intuitive user interface (https://vectra.ai/video/demo-cyber-attack-detection-ui-intro/?modalview) while remediation actions are taken with other security technologies – SIEMs, firewalls, endpoint enforcement, network access control and orchestration – that are tightly integrated via APIs.
Cognito connects the dots of related attacker behavior detections across all hosts in real time, relieving the burden on analysts to manually find these relationships. Integrated threat intelligence and indicators-of-compromise feeds amplify the attacker signal. Security teams can detect the early signs of an advancing attack campaign and quickly stop it.
Cognito speeds up incident response.
Cognito dramatically reduces the time it takes to detect and respond to active cyberattacks. What took hours or days now takes minutes.
Cognito has reduced customers’ security operations workload by 29X or more, according to the 2017 Vectra Attacker Behavior Industry Report. https://info.vectra.ai/hubfs/Vectra-Attacker-Behavior-Industry-Report-20...
Cognito is part of a well-coordinated security infrastructure.
Tight integration with leading security tools allows customers to build well-coordinated security infrastructures that automatically map active attacks to infected hosts, rank the certainty and severity of threats, and prioritize the threats that pose the highest risk. Cognito works with leading endpoint security (e.g., Carbon Black, Crowdstrike, McAfee, Symantec), network access control (e.g., Cisco ISE), firewall (e.g., Cisco ASA, Juniper, Palo Alto), SIEM (e.g., ArcSight, QRadar, Splunk), security orchestration (e.g., Demisto, Phantom) and network visibility (e.g., Gigamon, Ixia) products.
In bullet-list form, briefly summarize up to ten (10) of the chief features and benefits of the nominated product or service.
-Issued five U.S. patents for AI that automates the hunt for cyberattacker behaviors. Fourteen additional patent applications are pending.
-Revenue in 2017 exceeded revenue in 2016 by 181%.
-Added 85 new customers and the size of our new customers grew from an average of 3,000 employees in 2016 to 11,000 employees in 2017.
-Vectra is the only visionary in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems. https://info.vectra.ai/vectra-visionary-2018-gartner-magic-quadrant-for-...
-Continued innovation: With attack campaigns, Cognito reveals all hosts affected by a single in-progress cyberattack and predicts the attack’s potential spread to enable real-time response.
-Integrated threat intelligence and indicator-of-compromise feeds into Cognito to expand attacker detection coverage.
-“Vectra saved the university system $7 million in a year by eliminating the need for post-breach forensics,” says Daniel Basile, executive director of the security operations center at the Texas A&M University System.