Additional Info

Company: Vectra AI
Company size (employees): 100 to 499
Type of solution: Cloud/SaaS


Vectra Cognito Detect for Office 365 ingests activity logs from multiple services like O365, Azure AD, SharePoint/OneDrive and Exchange. The Vectra Cognito AI-driven threat detection and response platform has a deep understanding of Office 365 application semantics and leverages supervised and unsupervised machine learning models. By analyzing events like logins, file creation/manipulation, DLP configuration, and mailbox routing configuration & automation changes, it accurately finds attacker behavior patterns across the entire attacker kill chain.
The result is high-precision, actionable detections instead of anomaly alerts, so it can accurately expose even novel and never-before-seen attackers with high confidence. The detections are correlated to accounts, which gives the security team the prioritization and narrative to act quickly.
As the industry’s first threat detection and response solution for the cloud, Vectra Detect for Office 365 and Azure AD extends Vectra’s proven Cognito platform, which currently protects public clouds, private data centers, and enterprise environments, to Microsoft Office 365.
Detect™ for Office 365 automatically identifies and stops cyberattackers who leverage the Office 365 suite to attack organisations. The Vectra approach leverages security research combined with data science to create a solution that understands real attacker behaviors and account privilege abuse in Office 365. Delivered as a cloud native, agentless, SaaS solution, Detect for Office 365 detects and stops known and unknown attacks before they lead to breaches, without relying on preventative security.

How we are different

In response to more companies like Microsoft and Amazon transitioning to a SaaS-based infrastructure, Vectra launched Detect for AWS. Detect for AWS provides continuous, scalable agentless threat detection, prioritization, investigation, and response to attacks targeting applications running on AWS, as well as users, compute, and storage instances, including the use on AWS in the control plane. Detect for AWS works both at runtime and holistically across all AWS regions.

Unlike anything else, Vectra delivers complete threat detection and response initiatives across an enterprise cloud environment. AI-driven machine learning algorithms identify high-risk threat behaviors in all traffic and relevant logs to find cloud attacks in their earliest phases, thus reducing threat detection times from days to minutes.

In Detect for AWS’ first 90 days of availability, it was deployed to protect over 4 million accounts with zero data breaches to date.