Vectra AI, a leader in cloud and network detection and response (NDR), has released extended endpoint detection and response (EDR) native integration support in the Cognito platform to enhance the user experience for the security tools and procedures already deployed in their arsenal.
By unifying the NDR and EDR experience in a single UI, users get fast, simple, turnkey integrations that offer comprehensive security coverage across the enterprise, IoT devices, hybrid cloud, and cloud native applications.
To build on this coverage, Vectra is adding additional support for VMware Carbon Black EDR, VMware Carbon Black Cloud, Sentinel One Singularity, and FireEye Endpoint Security to its extensive list of native EDR integration partners, including CrowdStrike and Microsoft Defender for Endpoint.
With these integrations, users extend the unique ability to automatically respond with Vectra Host Lockdown. Host Lockdown enables the Vectra Cognito platform to automatically disable hosts that demonstrate suspicious activity at the endpoint and give analysts the option to manually disable hosts during a security investigation.
Disabling a host will significantly slow down an active attack by limiting an attacker’s access to additional resources. This drastically curtails the attack’s reach and gives the SOC more time to investigate and remediate attacks.