Vectra is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and MDR services provide attack coverage across public cloud, SaaS, identity, and network infrastructure. Unlike traditional threat detection approaches that simply alert on what is “different”, Vectra’s Attack Signal Intelligence™ detects and correlates attacker behaviors - the TTPs at the heart of all attacks. The resulting alert signal clarity enables security operations teams to rapidly prioritize, investigate and respond to the most urgent cyber-attacks and stop them from becoming breaches. Organizations worldwide rely on the Vectra platform and MDR services to get ahead and stay ahead of attackers. For more information, visit www.vectra.ai
The main features of the integration include:
- Ability to create Incidents from Accounts and Hosts.
- Automatic creation of Incidents in ServiceNow based on the specified criteria.
- Fetch detections based on Accounts and Hosts.
- Ability to download a PCAP file attached to a detection.
- Ability to mark detections as fixed from ServiceNow to Vectra Detect.
- Ability to manage tags of hosts, accounts and detections from ServiceNow to the Vectra platform.
Support is provided for the Utah, Vancouver and Washington DC versions.
For integration with on-prem Vectra Detect, the Mid Server Application needs to be set up.
Vectra Detect Version Compatibility: Vectra Detect AI Version 2.2