Dynamic Groups: Taking the Manual Management Out of Group Management on the Vectra AI Platform

November 25, 2024
Shaun Kane
Senior Software Engineer

Groups are a core component of the Vectra AI Platform. They aid in organizing entities, streamlining the triage of detections, and general management within the platform. Previously, the only way to add or remove entities from groups was for a user to do so manually via the Vectra Platform UI or API. Shockingly, 78% of the time security engineers spend managing groups goes to adding hosts and accounts into groups.

It’s such a simple concept – you add hosts and accounts into groups to organize them into triage rules. This incredible amount of time and effort spent on group management is time security engineers could be spending on things other than groups, such as research and development for detections or building a stronger and smarter security program.  

Saving our customers time and providing efficiency around groups inspired us to create a solution to streamline Group Management. That’s why the Vectra AI Product team built what we call “Dynamic Groups.”  

Built to make your life easier as a security engineer

Dynamic Groups is a feature within the Vectra AI Platform that allows users to set rules against entity names that automatically and dynamically sort hosts and accounts into groups, removing the manual work behind group management. For each Dynamic Group created, hosts and accounts are automatically triaged based on the filters set by the user, so the group can influence entity prioritization based on its importance.

This feature improves the overall quality of the Vectra AI signal with less noise through smarter prioritization and more efficient investigations supplied with even more context. Not only does this new feature impact signal efficacy, but it also heavily reduces the burden security engineers encounter when managing groups. Once these groups are set up, they will continue to work forever, ensuring that engineers don’t have to continually keep them updated.

For more information on setting up Dynamic Groups, please read our knowledge-base article and schedule a demo to see it in action!
