The Vectra AI Platform is the integrated signal powering XDR, providing hybrid attack surface coverage across identity, public cloud, SaaS, and data center networks, with AI-driven Attack Signal Intelligence that prioritizes real attacks in real time, and integrated, automated, and managed response to move at the speed and scale of hybrid attackers.
Unlike traditional threat detection approaches that simply alert on anomalies, Vectra’s Attack Signal Intelligence™ detects and correlates attacker behaviors - the TTPs at the heart of all attacks. The resulting alert signal clarity enables security operations teams to rapidly prioritize, investigate and respond to the most urgent cyber-attacks and stop them from becoming breaches. Organizations worldwide rely on the Vectra AI Platform and MDR services to get ahead and stay ahead of attackers.
For more information, visit www.vectra.ai
- Ability to fetch Entities from Vectra based on different types of API filters.
- Ability to fetch detections associated with the Entities.
- Ability to configure Incident creation criteria to create Incidents.
- Ability to configure CI Lookup Rules.
- Ability to assign Incidents to a specific user.
- Ability to map Entity fields with ServiceNow Incident fields.
- Ability to download a PCAP attached to a detection.
- Ability to mark/unmark the detection(s) as fixed from ServiceNow.
- Ability to mark all detections as fixed from an Entity.
- Ability to fetch the detections from the Entity form view.
- Ability to get the latest details of a detection by performing the “Describe Detection” action.
Initial release
Vectra Platform: *Respond UX
Vectra API: *3.3
(* is the minimum requirement)