Vectra Introduces Cognito Recall to Deliver AI-Assisted Threat Hunting and Enable Conclusive Incident Investigations
Joins Cognito Detect as a Cornerstone of the AI-Powered Cognito Cyberattack-Detection and Threat-Hunting Platform
May 23, 2018, 08:08 ET
SAN JOSE, Calif., May 23, 2018 /PRNewswire/ -- Vectra, the leader in AI-powered cyberattack detection and threat hunting, today announced a major expansion of the Cognito platform with Cognito Recall. A comprehensive source of enriched metadata, Cognito Recall empowers highly skilled security analysts to conduct conclusive incident investigations and perform AI-assisted threat hunting.
Many of today's threat hunting tools enlist manual techniques, suffer from inflexible data retention and access, rely on expensive and proprietary storage, and lack the fidelity and context required for swift and thorough attack investigations.
Cognito Recall rises above these deficiencies by collecting, analyzing and storing as much metadata as needed for forensic investigations and compliance mandates like GDPR. It also empowers AI-assisted threat hunting using high-quality indicators of compromise and provides a chain of forensic evidence behind every cyberattack.
"We deployed Cognito Recall and it delivered immediate value," said John Shaffer, CIO at global investment banking firm Greenhill & Company. "Cognito Recall enabled us to more quickly and thoroughly perform an incident investigation based on endpoint security alerts. It empowered our team to do something in minutes that would normally require days and prevented a risk to our business."
Cognito Recall and its equally powerful AI counterpart, Cognito Detect, are cornerstones of the Vectra Cognito platform. Cognito Detect automates the real-time detection of hidden attackers in cloud and data center workloads and user and internet-of-things devices while giving Cognito Recall a logical starting point to perform AI-assisted threat hunting as part of the investigative process.
"While working with customers who use the Cognito platform, we found that they face significant operational challenges when conducting manual forensic investigations and threat hunting," said Kevin Kennedy, vice president of product management at Vectra. "Cognito Recall tackles these challenges by providing the best single high-fidelity source for enriched metadata coupled with tight integration with Cognito Detect. And by leveraging our cloud delivery, customers benefit from limitless scale and zero management overhead."
The unique capabilities of Cognito Recall are summarized below:
- Empowers threat hunters. With real-time collection and storage of enriched enterprise-wide metadata, relevant logs and cloud events, Cognito Recall enables threat hunters to leverage their deep knowledge of advanced cyberattacks.
- Enables intelligent investigation of device activity. All network metadata stored in Cognito Recall is associated with devices and host names, not just IP addresses, enabling intelligent investigations of any device's activity over time, regardless of IP address changes.
- Provides enterprise-wide visibility. Cognito Recall provides high-fidelity visibility into the actions of all cloud and data center workloads and user and IoT devices by collecting and storing enriched network metadata, relevant logs and cloud events in real time.
- Delivers cloud-powered limitless scale. Cognito Recall is cloud-based, enabling near-limitless scale. Store and search metadata for as long as you need it while Vectra manages the infrastructure.
Vectra Networks is positioned by Gartner, Inc. in the Visionaries quadrant in its 2018 Magic Quadrant for Intrusion Detection and Prevention Systems¹.
¹Gartner, Inc., Magic Quadrant for Intrusion Detection and Prevention Systems, Craig Lawson, Claudio Neiva, January 10, 2018.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Vectra® is transforming cybersecurity with AI. Its Cognito™ platform automates cyberattack detection and empowers threat hunters from data center and cloud workloads to user and IoT devices. Cognito correlates threats, prioritizes hosts based on risk and provides rich context to empower incident response with existing security systems, reducing security operations workload by 32X. The company has been issued 10 U.S. patents with 11 patents pending for cybersecurity applications of machine learning and artificial intelligence. Vectra is headquartered in San Jose, Calif. and has European regional headquarters in Zurich. For more information, visit vectra.ai.
Lumina Communications for Vectra