Azure Sentinel News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
Azure Sentinel News
No Result
View All Result
Home SOC

Vectra AI Offers a Security Assist to Microsoft Defender ATP and Azure Sentinel

Azure Sentinel News Editor by Azure Sentinel News Editor
November 13, 2020
in SOC
0
Vectra AI Offers a Security Assist to Microsoft Defender ATP and Azure Sentinel
1.3kViews

Vectra AI Offers a Security Assist to Microsoft Defender ATP and Azure Sentinel

The eight-year-old, San Jose, Calif.-based Vectra attracted $100 million in a Series E funding round last June in part due to growing interest in its approach to network threat detection and response (NDR).

Vectra’s Cognito platform uses artificial intelligence to help identify attacks coming over the network and over the cloud and deploys easy-to-understand scoring and charting to help professionals in a security operations center (SOC) prioritize the most critical threats and respond to them quickly or automatically based on user-defined rules.

The company is going to market through partnerships with major security players, emphasizing a Gartner-published concept known as the “SOC visibility triad.” In Vectra’s implementation, the triad consists of the company’s own NDR tool for network and cloud visibility, combined and integrated with other vendors’ endpoint detection and response (EDR) tools and with partners’ security information and event management (SIEM) tools.

In theory, the triad would cast a wider, more comprehensive net for potential attacks while dramatically reducing the signal-to-noise problem with security alerts. Current Vectra partners for other legs of the triad include CrowdStrike, Carbon Black, Cybereason, SentinelOne, ArcSight, IBM, Chronicle and Splunk.

The news on Tuesday is not Vectra’s first foray into Microsoft technologies. In February, Vectra launched Cognito Detect for Office 365, which used detection models focused on credentials and privilege in SaaS applications to stop attacks.

But the Tuesday announcement involves working with Microsoft to bring the SOC visibility triad effort to the Microsoft stack. In triad terms, Vectra is the NDR piece, and as of Tuesday, it is integrated with Microsoft Defender Advanced Threat Protection (ATP) for the EDR piece and with Azure Sentinel for the SIEM piece.

The Defender ATP integrations with Vectra combine the cloud/datacenter detections with Microsoft’s process-level context from the endpoint, and allow for the isolation or disabling of compromised systems. On the Sentinel side, Vectra created custom workbooks in Azure Sentinel that bring elements of their dashboard into Microsoft’s cloud SIEM product.

By working with those two strategic components of the Microsoft security mix, Vectra also on Tuesday joined the Microsoft Intelligent Security Association (MISA), a group of more than 80 members with deep programmatic hooks into a dozen Microsoft security technologies or products. In addition to Defender ATP and Azure Sentinel, the MISA-related technologies include Azure Active Directory, Azure Information Protection, Microsoft Endpoint Manager, Microsoft Graph Security API, Microsoft Cloud App Security, Azure Security Center, Azure Security Center for IoT Security, DMARC reporting for Microsoft 365, Windows antimalware platform and Azure DDOS Protection.

Reference: https://rcpmag.com/blogs/scott-bekker/2020/06/ai-security-for-azure.aspx

Azure Sentinel News Editor

Azure Sentinel News Editor

Related Posts

Microsoft’s newest sustainable datacenter region coming to Arizona in 2021
SOC

How to Evolve the SOC with Azure Sentinel: Hunting Queries

January 5, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021
SOC

How to Grant Access to Specific Azure Sentinel Playbooks for Specific Analysts

December 31, 2020
Enriching Windows Security Events with Parameterized Function
SOC

New Private Preview Tag in Azure Sentinel

December 30, 2020
Next Post
Microsoft announces Azure Sentinel SIEM general availability

Microsoft announces Azure Sentinel SIEM general availability

Alcide Joins Microsoft Intelligent Security Association (MISA) and integrates their Kubernetes security, Alcide kAudit, with Microsoft Azure Sentinel

Alcide Joins Microsoft Intelligent Security Association (MISA) and integrates their Kubernetes security, Alcide kAudit, with Microsoft Azure Sentinel

Microsoft announces the public preview of Watchlist feature in Azure Sentinel

Microsoft announces the public preview of Watchlist feature in Azure Sentinel

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 21.8M Fans
  • 81 Followers

Recommended

Azure Stack and Azure Arc for data services from Blog Posts – SQLServerCentral

How to Protect Office 365 with Azure Sentinel

2 months ago
ForgeRock Joins Microsoft Intelligent Security Association

Satya Nadella’s 5 biggest statements at Microsoft Ignite 2020

3 months ago
Microsoft renames and unifies more products under Microsoft Defender brand

Microsoft renames and unifies more products under Microsoft Defender brand

3 months ago
Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service

Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service

3 months ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

Topics

anomaly automation Azure Azure DevOps Azure Security Center Azure Sentinel Azure Sentinel API Azure Sentinel Connector BlueVoyant Call cybersecurity Detection file GitHub Hunting Huntingy IAC incident response Incident Triage infrastructure as code Investigation jupyter LAQueryLogs MDR Microsoft microsoft 365 mssp Multitenancy Notebooks Pester Playbooks PowerShell python Records Security Sentinel Sharing SIEM signin Supply Chain teams Threat hunting Watchlists Workbooks XDR
No Result
View All Result

Highlights

New Items of Note on the Azure Sentinel GitHub Repo

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

New Search Capability for Azure Sentinel Incidents

Follow-up: Microsoft Tech Talks Practical Sentinel : A Day in the Life of a Sentinel Analyst

Changes in How Running Hunting Queries Works in Azure Sentinel

Azure Sentinel can now Analyze All Available Azure Active Directory Log Files

Trending

What’s new: Microsoft Teams connector in Public Preview
IR

How to Generate Azure Sentinel Incidents for Testing

by Azure Sentinel News Editor
February 26, 2021
0

Do you want to generate an Incident in Azure Sentinel for testing/demoing? Here’s a couple easy ways...

What’s new: Microsoft Teams connector in Public Preview

Azure Sentinel Notebooks Loses It’s Preview Tag

February 25, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting

February 22, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

New Items of Note on the Azure Sentinel GitHub Repo

February 18, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

February 17, 2021

We bring you the best, latest and perfect Azure Sentinel News, Magazine, Personal Blogs, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to Generate Azure Sentinel Incidents for Testing February 26, 2021
  • Azure Sentinel Notebooks Loses It’s Preview Tag February 25, 2021
  • The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting February 22, 2021

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

[mc4wp_form]

Copyright © 2020 - Azure Sentinel News

No Result
View All Result
  • Home
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence

Copyright © 2020 Azure Sentinel News