Threat Hunting and Discovery: A SANS Review of Vectra Cognito

  • Webcast Aired Thursday, 16 Jan 2020 1:00PM EST (16 Jan 2020 18:00 UTC)
  • Speakers: Dave Shackleford, Tim Wade

Vectra's Cognito platform is an intelligent, AI-driven threat detection and response system for native and hybrid cloud environments. The platform captures network metadata and enriches it with machine learning-derived security intelligence. In this SANS webcast, expert Dave Shackleford and Tim Wade, from Vectra, discuss detection of attack behaviors 'including MITRE ATT&CK methodologies and how we need to adapt to better protect an organization. They will cover why it's difficult to detect attack behavior and outline Cognito's key features, touching on such topics as Cognito's interface and how it helps analysts move faster and more effectively; how the platform finds useful data for threat hunting; and the role of network traffic analysis and AI in monitoring and responding to threats. They will also discuss the detection of unusual hosts, advanced threat hunting and how Cognito's various features (reporting, metadata, shared links and more) help simplify tasks.

Register today to be among the first to receive the associated whitepaper written by security expert Dave Shackleford.