Approach and Vectra are partnering to enhance your cyber defence capabilities with a full managed Network Detection and Response solution (NDR).
How fast will you be able to detect real cyber-attacks and stop them? Our cyber expertise combined with the leading network detection and response (NDR) solutions from Vectra will help you to obtain quick threat visibility across your environment and respond faster against attacks.
Organisations are experiencing more complex and targeted attacks in which traditional security approaches are not enough to stop bad actors. Security investments must be diversified to include detection and response – not just prevention. The network touches everything, making NDR a foundational strategy for protecting against cyber threats.
Approach has selected Cognito from Vectra as preferred technology for our Network Detection and Response solution since it is a recognised leader by Gartner in this market, and is able to detect and respond to attacks inside the cloud, a data centre, the IoT and on-premise enterprise network.
"We are convinced that the combination of Vectra with our unique Cybersecurity team of experts brings the best of breed innovation and AI and professional service oriented solution for our customers, thereby enhancing their cyber defence capabilities while reducing cybersecurity risk. It is also an essential component of our full managed detect and response solution" explains Laurent Deheyer, Director of Approach.
The NDR processes in a nutshell
Capture & analyse
The sensor(s) capture(s) the data from the network traffic or logs from your cloud, SaaS, data centre and enterprise environments, and proceed(s) to extract relevant metadata to detect attacker behaviour.
Self-learning behavioural models improve the scoring of threats continuously. These models enrich the extracted metadata with security information derived from machine learning, including security patterns such as beacons, normal patterns through machine learning, weak signals that can be classified as precursors, attacker behaviour, account and host scores as well as correlated attack campaigns.
Our NDR is capable of detecting every step of an attack in a network traffic flow. Vectra covers 57 of 67 (85%) of the network techniques identified by the ATT&CK model, which indirectly exposes techniques that attackers use to compromise endpoints. Detected threats are then automatically triaged and prioritised based on the risk level. Scoring and correlation reduce the security analyst’s workload dramatically.
The advanced detection and detailed actionable context capabilities enable you to respond early to emerging threats, and the analysts to make an informed decision with all the required information, before the attack is successful, while helping to speed up the response to an incident.