2020-01-05T07:29:00Z

What do you like most about Vectra AI?

Miriam Tover - PeerSpot reviewer
  • 1
  • 60
PeerSpot user
36

36 Answers

LF
Real User
2023-12-13T15:17:42Z
Dec 13, 2023

Vectra AI generates relevant information.

Search for a product comparison
Sajid Mukhtar - PeerSpot reviewer
Real User
Top 10
2023-09-11T09:17:00Z
Sep 11, 2023

It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another.

Dan Jeske - PeerSpot reviewer
Reseller
Top 5
2023-08-11T14:37:00Z
Aug 11, 2023

Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools.

Atakan Oztuna - PeerSpot reviewer
Reseller
Top 10
2023-08-04T12:13:00Z
Aug 4, 2023

Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud.

GW
Real User
Top 20
2023-05-29T11:46:00Z
May 29, 2023

We particularly like the user experience around the dashboard, which we find to be much more straightforward than the dashboard of some of the competitive products... Vectra is a really easy system to understand and use to prioritize where we need to focus our security resources.

CF
Consultant
Top 20
2023-03-07T08:55:00Z
Mar 7, 2023

We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force.

Learn what your peers think about Vectra AI. Get advice and tips from experienced pros sharing their opinions. Updated: February 2024.
763,955 professionals have used our research since 2012.
PL
Real User
Top 20
2023-03-07T08:55:00Z
Mar 7, 2023

Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution.

Przemyslaw Cichochki - PeerSpot reviewer
Consultant
Top 10
2023-03-07T08:53:00Z
Mar 7, 2023

I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them.

HB
Real User
Top 20
2023-03-07T08:53:00Z
Mar 7, 2023

It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI.

AT
Real User
Top 20
2023-03-07T08:51:00Z
Mar 7, 2023

The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable.

NK
Real User
Top 20
2023-03-07T08:51:00Z
Mar 7, 2023

The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time.

Tony Whelton - PeerSpot reviewer
Real User
Top 10
2023-03-07T08:49:00Z
Mar 7, 2023

The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us.

RM
Real User
Top 20
2023-03-07T08:49:00Z
Mar 7, 2023

Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well.

MG
Real User
Top 20
2023-03-07T08:47:00Z
Mar 7, 2023

We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems.

ML
MSP
Top 20
2023-03-07T08:45:00Z
Mar 7, 2023

The core product provides excellent visibility, but my favorite feature is Vectra Recall.

SA
Real User
Top 20
2023-03-06T12:59:00Z
Mar 6, 2023

Vectra AI is the best. It is a major product in our cybersecurity.

AS
Real User
Top 20
2023-03-06T12:57:00Z
Mar 6, 2023

Vectra AI helped our team be more productive and save time. We have less work thanks to it.

MB
Real User
Top 20
2023-03-06T10:54:00Z
Mar 6, 2023

The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen.

PV
Real User
Top 20
2023-03-06T10:54:00Z
Mar 6, 2023

One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things.

FU
Real User
Top 20
2022-11-16T12:14:00Z
Nov 16, 2022

What I like best about Vectra AI is that it alerts you about suspicious activities.

AG
Real User
Top 20
2022-10-06T18:19:00Z
Oct 6, 2022

The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well.

MD
Real User
2020-05-13T09:16:00Z
May 13, 2020

The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those.

SR
Real User
2020-02-25T06:59:00Z
Feb 25, 2020

One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources.

LW
Real User
2020-01-05T07:29:00Z
Jan 5, 2020

One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it.

FH
Real User
2021-10-14T20:04:00Z
Oct 14, 2021

Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis.

TS
Real User
2021-07-01T16:53:00Z
Jul 1, 2021

It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra.

PR
Real User
2021-05-19T13:11:00Z
May 19, 2021

The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into.

BV
Real User
2020-10-29T10:12:00Z
Oct 29, 2020

It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response.

SW
Real User
2020-10-21T04:34:00Z
Oct 21, 2020

The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away.

MH
Real User
2020-07-26T08:19:00Z
Jul 26, 2020

It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched.

JM
Real User
2020-06-03T06:54:00Z
Jun 3, 2020

Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day.

ZM
Real User
2020-05-28T06:26:00Z
May 28, 2020

One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team.

EW
Real User
2020-05-27T08:03:00Z
May 27, 2020

The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment.

JV
Real User
2020-04-30T10:58:00Z
Apr 30, 2020

It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution...

AG
Real User
Top 20
2020-03-04T08:49:00Z
Mar 4, 2020

The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day.

RM
Real User
2020-01-12T07:22:00Z
Jan 12, 2020

It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part.

Vectra threat detection and response is a complete cybersecurity platform that collects, detects, and prioritizes security alerts. The Cognito platform for Network Detection and Response (NDR) detects and responds to attacks inside cloud, data center, Internet of Things, and enterprise networks. The platform also provides automated response capabilities for low-level threats and escalates more severe anomalies to security personnel. Cognito captures data for multiple relevant sources and...
Download Vectra AI ReportRead more