Research & Insights

AI security research and innovation to fuel your cybersecurity strategy

Collaborative study, modeling, and analysis led by the world’s most sophisticated data scientists and security researchers is at the foundation of everything we do.
Here's the proof.

We have more patents in AI-driven threat detection than any other cybersecurity company on the planet

With 35 patents in AI-driven threat detection and more references than any other vendor in MITRE D3FEND, we provide advanced signal intelligence your SOC can trust.

FEATURED PATENT

Hierarchical ML Models for Detection

Our improved approach for identifying breaches by applying machine learning methods designed to learn access patterns in your network.

Learn more
FEATURED PATENT

Privileged Account Breach Detections

Our advanced approach for detecting potentially malicious activity by focusing on accounts most useful to attackers.

Learn more
FEATURED PATENT

Relay and Jump System Detection

Our enhanced program for detecting hosts and connections between hosts that are being used as relays to gain control.

Learn more

Our front line experts

These are our frontline experts from Vectra AI, the voices representing our culture of research and data science in the core areas of cybersecurity strategy, threat research, and AI & machine learning. Our experts bring that deep insight to you – made possible by standing on the shoulders of the almost 600 Vectra AI technical professionals that make this expertise their primary mission.

Christian Borst
EMEA CTO

Christian Borst, EMEA CTO at Vectra AI has more than 15 years of experience in IT and Cyber Security. Before joining Vectra AI in 2022 he built and executed the global cyber security strategy for Richemont – a leading luxury goods group. As a former consultant and current Advisory Board & Board Member, he is actively engaged in the cyber security community across different countries & industries. He holds a university degree from Freiburg University in Computer Science specializing in AI & Psychology.

Oliver Tavakoli
Chief Technology Officer

Oliver Tavakoli is Chief Technology Officer at Vectra AI. He sets the technical strategy for the company. Oliver has overseen the adoption of technology in cybersecurity for over 25 years, the last ten of which have been at Vectra AI. Prior to Vectra AI, Oliver was the CTO for the security business of Juniper Networks. He joined Juniper as a result of its acquisition of Funk Software, where Oliver was the CTO.

Earlier in his career, Oliver worked at IBM, Fluent Machines, and Novell Inc and founded Trilogy Inc, which was acquired by Funk Software.

Tim Wade
Deputy Chief Technology Officer

Tim Wade is Vectra AI's Deputy Chief Technology Officer and is an advocate for a vision of technology which places human dignity at the core of its mission. Tim traces much of his career in cybersecurity and technology leadership through the U.S. DoD and Federal sectors, having begun that journey as a uniformed member of the United States Air Force. He joins Vectra AI most recently from Bridgepoint Education Inc. having served as the Head of Application and Information Security. Tim holds an MS in Computer Science from the University of Southern California, an MBA from Arizona State University, and maintains industry credentials issued by Offensive Security and (ISC)2.

Dmitriy Beryoza
Senior Security Researcher

Dmitriy Beryoza is a Senior Security Researcher with Vectra, working on threat detection in the cloud and on-prem networks. Before that, he was a penetration tester and secure software development advocate at IBM. Before switching to security full-time, Dmitriy has been a software developer for many years. He spoke at DEF CON, BSides Las Vegas, BSides SF, Hackfest, and other security conferences. Dmitriy holds a Ph.D. in Computer Science and OSCP, CISSP, CCSP and CEH certifications. His interests include reverse engineering, secure software development, and CTF competitions.

Joshua St. Hilaire
Director of Security Research

Joshua St.Hilaire is currently a Director of Security Research at Vectra where he currently leads research on adversarial detection models. He has twenty years of experience in computer security focused on incident response, threat hunting and reverse-engineering. Additionally, Joshua St. Hilaire began his career serving the United States Air Force and was responsible for keeping U.S. DoD information systems secure on a global scale.

Luke Richards
Threat Intelligence Lead

Luke is the Threat Intel Lead for Vectra. He has been with the company for 7 years, joining as a consultant analyst and working with customers and high level incident response directly. Before joining Vectra, Luke was a senior Security Analyst for an international Engineering and Defence contractor where he developed SOC toolsets, processes, and incident response playbooks.

Arpan Sarkar
Senior Security Engineer

Arpan Sarkar is a Senior Technical Marketing Engineer at Vectra AI. Arpan is a engineer at core with a passion to create simple solutions for hard problems in cyber security. Arpan brings extensive experience in threat research, threat hunting and threat detection engineering. Prior to joining Vectra AI, Arpan worked on developing behavior based threat detection, creating  new threat hunting services and consulting organizations on threat hunting and insider threat programs. Arpan holds a MS in Cyber Security from Rochester Institute of Technology and a Bachelors in Computer Science from SRM University.

Kat Traxler
Principal Security Researcher

Kat Traxler is the Principal Security Researcher at Vectra AI, focusing on abuse techniques and vulnerabilities in the public cloud. Before her current role, she worked at various stages in the SDLC, performing web application penetration testing and security architecture design for Web, IAM, Payment, and Cloud Native Technologies.

Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security, and where the OS layer interfaces with higher-level abstractions.

Kat has presented at various conferences, including the SANS CloudSecNext Summit and fwd:CloudSec, on topics such as privilege escalation in GCP and bug-hunting in the cloud. In addition to her work at Vectra AI, she is a member of IANS Faculty and the Lead Author of the SANS SEC549 - Enterprise Cloud Security Architecture and holds multiple GIAC certifications. You can find her on the internet as @nightmareJS.

Sohrob Kazerounian
Distinguished AI Researcher

Sohrob Kazerounian is a Distinguished AI Researcher at Vectra AI where he develops and applies novel machine learning architectures in the domain of cybersecurity. After realizing that his goal of becoming a skilled hacker was not meant to be, he focused his studies on Artificial Intelligence, with a particular interest in neural networks. After receiving his Ph.D. in  Cognitive and Neural Systems at Boston University, he held a postdoctoral fellowship at the Swiss AI Lab (IDSIA) working on Deep Learning, Recurrent Neural Networks, and Reinforcement Learning.

Himanshu Mhatre
Distinguished Data Scientist

Himanshu is a Distinguished Data Scientist and over the past 11+ years at Vectra has driven the evolution of the AI capabilities of our products and platform in support of longer-term company initiatives and has since been an inventor of multiple AI-driven patented and patent-pending technologies. He completed his Ph.D. in Cognitive and Neural Systems at Boston University and held a Kavli Postdoctoral Fellowship in Neuroscience at Columbia University.

Alex Groyz
Cloud Security Architect

Alex Groyz is a Security Researcher at Vectra AI with over a decade of experience in IT and software development. He specializes in cloud security, particularly within AWS holding several certifications, including AWS Solutions Architect Professional and AWS Security Specialist.

Prior to joining Vectra, Alex worked in client-facing roles, developing hybrid cloud strategies and helping organizations securely migrate their workloads. His diverse engineering background also includes designing, building, and deploying applications to cloud infrastructures.Alex's deep understanding of software development grounds his work as a Security Researcher, allowing him to anticipate the mindset of attackers and effectively identify and mitigate security threats.

Dmitriy Beryoza
Senior Security Researcher

Dmitriy Beryoza is a Senior Security Researcher with Vectra, working on threat detection in the cloud and on-prem networks. Before that, he was a penetration tester and secure software development advocate at IBM. Before switching to security full-time, Dmitriy has been a software developer for many years. He spoke at DEF CON, BSides Las Vegas, BSides SF, Hackfest, and other security conferences. Dmitriy holds a Ph.D. in Computer Science and OSCP, CISSP, CCSP and CEH certifications. His interests include reverse engineering, secure software development, and CTF competitions.

Christian Borst
EMEA CTO

Christian Borst, EMEA CTO at Vectra AI has more than 15 years of experience in IT and Cyber Security. Before joining Vectra AI in 2022 he built and executed the global cyber security strategy for Richemont – a leading luxury goods group. As a former consultant and current Advisory Board & Board Member, he is actively engaged in the cyber security community across different countries & industries. He holds a university degree from Freiburg University in Computer Science specializing in AI & Psychology.

Joshua St. Hilaire
Director of Security Research

Joshua St.Hilaire is currently a Director of Security Research at Vectra where he currently leads research on adversarial detection models. He has twenty years of experience in computer security focused on incident response, threat hunting and reverse-engineering. Additionally, Joshua St. Hilaire began his career serving the United States Air Force and was responsible for keeping U.S. DoD information systems secure on a global scale.

Sohrob Kazerounian
Distinguished AI Researcher

Sohrob Kazerounian is a Distinguished AI Researcher at Vectra AI where he develops and applies novel machine learning architectures in the domain of cybersecurity. After realizing that his goal of becoming a skilled hacker was not meant to be, he focused his studies on Artificial Intelligence, with a particular interest in neural networks. After receiving his Ph.D. in  Cognitive and Neural Systems at Boston University, he held a postdoctoral fellowship at the Swiss AI Lab (IDSIA) working on Deep Learning, Recurrent Neural Networks, and Reinforcement Learning.

Himanshu Mhatre
Distinguished Data Scientist

Himanshu is a Distinguished Data Scientist and over the past 11+ years at Vectra has driven the evolution of the AI capabilities of our products and platform in support of longer-term company initiatives and has since been an inventor of multiple AI-driven patented and patent-pending technologies. He completed his Ph.D. in Cognitive and Neural Systems at Boston University and held a Kavli Postdoctoral Fellowship in Neuroscience at Columbia University.

Luke Richards
Threat Intelligence Lead

Luke is the Threat Intel Lead for Vectra. He has been with the company for 7 years, joining as a consultant analyst and working with customers and high level incident response directly. Before joining Vectra, Luke was a senior Security Analyst for an international Engineering and Defence contractor where he developed SOC toolsets, processes, and incident response playbooks.

Arpan Sarkar
Senior Security Engineer

Arpan Sarkar is a Senior Technical Marketing Engineer at Vectra AI. Arpan is a engineer at core with a passion to create simple solutions for hard problems in cyber security. Arpan brings extensive experience in threat research, threat hunting and threat detection engineering. Prior to joining Vectra AI, Arpan worked on developing behavior based threat detection, creating  new threat hunting services and consulting organizations on threat hunting and insider threat programs. Arpan holds a MS in Cyber Security from Rochester Institute of Technology and a Bachelors in Computer Science from SRM University.

Oliver Tavakoli
Chief Technology Officer

Oliver Tavakoli is Chief Technology Officer at Vectra AI. He sets the technical strategy for the company. Oliver has overseen the adoption of technology in cybersecurity for over 25 years, the last ten of which have been at Vectra AI. Prior to Vectra AI, Oliver was the CTO for the security business of Juniper Networks. He joined Juniper as a result of its acquisition of Funk Software, where Oliver was the CTO.

Earlier in his career, Oliver worked at IBM, Fluent Machines, and Novell Inc and founded Trilogy Inc, which was acquired by Funk Software.

Kat Traxler
Principal Security Researcher

Kat Traxler is the Principal Security Researcher at Vectra AI, focusing on abuse techniques and vulnerabilities in the public cloud. Before her current role, she worked at various stages in the SDLC, performing web application penetration testing and security architecture design for Web, IAM, Payment, and Cloud Native Technologies.

Kat’s research philosophy directs her work to where design flaws and misconfigurations are most probable. This guiding principle leads her research to the intersection of technologies, particularly the convergence of cloud security and application security, and where the OS layer interfaces with higher-level abstractions.

Kat has presented at various conferences, including the SANS CloudSecNext Summit and fwd:CloudSec, on topics such as privilege escalation in GCP and bug-hunting in the cloud. In addition to her work at Vectra AI, she is a member of IANS Faculty and the Lead Author of the SANS SEC549 - Enterprise Cloud Security Architecture and holds multiple GIAC certifications. You can find her on the internet as @nightmareJS.

Tim Wade
Deputy Chief Technology Officer

Tim Wade is Vectra AI's Deputy Chief Technology Officer and is an advocate for a vision of technology which places human dignity at the core of its mission. Tim traces much of his career in cybersecurity and technology leadership through the U.S. DoD and Federal sectors, having begun that journey as a uniformed member of the United States Air Force. He joins Vectra AI most recently from Bridgepoint Education Inc. having served as the Head of Application and Information Security. Tim holds an MS in Computer Science from the University of Southern California, an MBA from Arizona State University, and maintains industry credentials issued by Offensive Security and (ISC)2.

Our research

Expert insights from Vectra AI data scientists, product engineers and security researchers empower your SOC analysts to make faster, smarter decisions.

Featured Research Report
Vectra AI: Leader in IDC MarketScape 2024 for NDR

Source: "IDC MarketScape: Worldwide Network Detection and Response 2024 Vendor Assessment", by: Christopher Kissel, Monika Soltysik and Frank Dickson, November 2024, IDC # US51752324

IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT suppliers in a given market.  The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. The Capabilities score measures vendor product, go-to-market and business execution in the short-term. The Strategy score measures alignment of vendor strategies with customer requirements in a 3-5-year timeframe. Vendor market share is represented by the size of the circles.

Featured Research Report
2024 State of Threat Detection

Discover the 2024 State of Threat Detection report insights, highlighting SOC challenges, AI adoption, and vendor responsibility in enhancing cyber defense.

Featured Research Report
2024 Gartner Voice of the Customer for Network Detection and Response
Featured Research Report
Vectra AI named a market leader for Network Detection and Response
Featured Research Report
Attack Exposure Gap Analysis: Where Attackers Expose Beyond EDR and Firewall Controls

A gap analysis to help organizations understand their threat exposure even with endpoint controls in place, and what actions can be taken to address the risks.

Featured Research Report
Vectra AI Coverage Mapping to NIST Framework

Protect tactics are not enough for combatting hybrid cloud attacks. Vectra AI delivers 75% full coverage of relevant NIST CSF 2.0 Framework.

Featured Research Report
Tag Security Annual 2023: Special Reprint Edition

The need to reduce cyber risk has never been greater — is your organization prepared?

Get the latest insights from TAG 

Download the report for an exclusive interview with Vectra AI’s product VP, plus bonus content on today’s attack landscape:

  • AI-enhanced hybrid cloud threat detection and response strategies: Read the Q&A to see how Vectra AI empowers defenders to investigate attacks at speed and scale. 
  • What should a board understand about AI: Insights from TAG’s founder and CEO on the future of AI in cybersecurity.
  • Cybersecurity in the space domain: A cautionary tale of cyber risk from the International Space Station’s control center.

Featured Research Report
2023 State of Threat Detection in Netherlands

80% of analysts admit the organization they work in may have been compromised and they don't know it yet. Threat detection is fundamentally broken.

Why do SOC analysts believe the tools they use are effective, when those same tools leave them unable to effectively stop cyberattacks? Discover the disconnect, and how to fix it in the State of Threat Detection Report.

Featured Research Report
SANS Report - AI in XDR: What It Means and Where It Fits

The threat landscape is changing dramatically — is your SOC team prepared? With AI-driven extended detection and response (XDR), you can be.

Featured Research Report
Gartner SOC Model Guide

Use these Gartner guidelines, courtesy of Vectra AI, to evaluate your SOC and learn which hybrid SOC models are being widely adopted today.

Featured Research Report
2023 State of Threat Detection

71% of analysts admit the organization they work in may have been compromised and they don't know it yet. Threat detection is fundamentally broken.

Why do SOC analysts believe the tools they use are effective, when those same tools leave them unable to effectively stop cyberattacks? Discover the disconnect, and how to fix it in the State of Threat Detection Report.

Featured Research Report
State of Cloud Security in the Enterprise

This survey shed light on several enterprise security elements.

Featured Research Report
The Evolving Role of NDR

Learn why 75% turn to network detection & response (NDR) solutions as a first line of defense.

Featured Research Report
Ransomware Impact on Large Global Enterprises | Sans Spotlight Report

Ransomware as an attack profile is too prolific and impactful for organizations to ignore. Organizations that are not wise to these threats or that remain unaware of ransomware trends will find themselves caught off guard and quickly taken advantage of. Ransomware is a formidable threat that has changed the way many organizations do business and security teams do battle.

Featured Research Report
Post-Incident Report: Stopping a RansomOp Before Ransomware

On Sunday June 13, 2021, the Vectra managed detection and response (MDR) team responded to an urgent request for assistance from a customer in the manufacturing sector. Vectra MDR analysts worked closely with the customer’s team to stop and remediate an active attack using detections and data from the Vectra threat detection and response platform.

Featured Research Report
Are Cybersecurity Teams at Breaking Point?

The struggle is real. The global cybersecurity skills shortfall now stands at 2.7 million workers globally, including nearly 200,000 in Europe and 33,000 in the UK alone. Exacerbating the issue, the global pandemic is rolling into its third year with no clear signs of ending. This is creating even more staffing demands – individuals are being signed off sick, while work from home mandates are disrupting traditional patterns, making many everyday tasks more difficult and time-consuming.

Featured Research Report
2024 Gartner® Market Guide for Network Detection and Response (NDR)
Featured Research Report
XDR Should Be Viewed as An Open Architecture

What are the major threat detection and response issues and what can be done to address them?

Featured Research Report
Security Leaders Research Report: Fit for Purpose or Behind the Curve?

From the rapid proliferation of cloud to the growing adoption of micro-services, DevOps, and APIs, new pockets of opportunity are opening up for threat actors to take advantage of. This e-Book contains analysis and findings from a global survey of IT security decision makers on how they are tackling these dynamic threats.

Featured Research Report
Top 10 Detections Across Financial Services Institutions

As the cloud continues to change everything we know about security, the right data along with meaningful AI can help bring clarity to the cloud.

Featured Research Report
Top 10 Detections Across the Education Sector

While it might seem like quite a chore for an already swamped IT staff to sort out how to defend their new cloud assets— AI can make all the difference.

Featured Research Report
Top 10 Detections Across Healthcare Organizations

Ransomware attacks that carry through in a healthcare system can mean stolen medical records and data but can also be physically disruptive when they cause delays in patient care.

Featured Research Report
Top 10 Detections Across Manufacturing Organizations

Manufacturing continues to increase cloud usage for speed and scale, which adds a layer on top of the attack surface to the already dispersed operational technology infrastructure.

Featured Research Report
Breaking Down the SolarWinds Breach: an Inside Look at the Methods Used

HIGHLIGHTS

  • Multiple communication channels, phases, and tools were used to establish interactive, hands-on-keyboard control. Each phase was designed to minimize the chance of detection, with techniques that defeat IDS tool signatures, EDR, manual threat hunting, and even common approaches to ML-based detection.
  • The DGA used in this attack was different: a single, unique subdomain was generated for each victim, compromised of a globally unique ID calculated from local attributes and an encoding of the victim hostname.
  • Vectra’s AI will see through the evasion tactics applied and detect the tunnels as soon as they go active.
  • Vectra uniquely protects the entire network of hybrid, on-premise, and cloud connectivity with learning behavioral models that understand both hosts and identities—tracking and stopping attackers earlier in the kill chain.

Featured Research Report
A Customer’s Perspective: Ransomware Post-Incident Report

This post-incident report from a Vectra® pharmaceutical customer* shows step by step how the Vectra threat detection and response platform identified early indicators of a ransomware attack and prevented the encryption of network file shares.

Featured Research Report
The 2020 Spotlight Report on Healthcare

The migration to the cloud has been in motion for some time, but the Covid-19 pandemic has accelerated this transition, especially for healthcare organizations where there has been an increase in telemedicine and new remote work requirements.

Featured Research Report
2020 Spotlight Report on Privileged Access

Vectra research shows that privileged access from unknown hosts occurs inside every industry, leading to unintended exposure of critical systems. Yet these privileged accounts rarely receive direct oversight or technical control of how they are used, even when privileged access management tools are in place. It is this lack of oversight or understanding of how privileged accounts are being used that creates the operational and financial risk for organizations. If used improperly, privileged accounts have the power to cause much damage, including data theft, espionage, sabotage, or ransom.

Featured Research Report
2020 Vectra Attacker Behavior Industry Report