Learn about Vectra solutions


Everything you need to know about Cognito

Cognito delivers real-time cyberattack visibility and puts attack details at your fingertips to empower immediate action. Cognito performs non-stop, automated threat hunting with always-learning behavioral models to quickly and efficiently find hidden and unknown attackers before they do damage.

Data Sheet

Cognito platform specifications

The scalable, distributed Cognito platform enables customers to deploy a combination of physical S-series sensors, virtual sensors (vSensors) and X-series appliances across multiple locations for centralized analysis, detection and correlation of threats. It includes technical specifications about S-series sensors, vSensors and the X-series appliance.

Download the German version
Download the French version

White Paper

How to improve ROI and operational efficiency for cybersecurity

IT security is an ongoing exercise in ROI and operational efficiency. Organizations have a limited set of resources to address an unlimited set of risks, threats and attackers. This asymmetry means that security products must always be evaluated in terms of efficacy as well as their impact on the operational fitness of the organization.

Industry Solutions

How financial institutions can stop cyberattacks in their tracks

With the unique ability to automatically hunt down cyberattackers inside your network, Cognito from Vectra enables IT security teams in the financial services industry to respond to threat incidents with unprecedented speed, accuracy and efficiency – well before cybercriminals can steal key assets and cause public embarrassment.

Protecting patient health and privacy from cybercriminals

By combining data science, modern machine learning and behavioral analysis, Cognito from Vectra gives healthcare organizations a powerful new class of real-time threat detection that automates the hunt for cyberattackers inside your network and accelerates incident response to safeguard patient information and other critical assets.

How pharmaceutical companies can protect valuable IP

Cognito from Vectra helps pharmaceutical companies protect their IP by providing continuous, automated threat surveillance and detection inside the network. By automating threat detection and speeding up incident response, Cognito reduces threat investigations from days to minutes so security teams can prevent the damage and theft of IP.

How medical device manufacturers can safeguard vital IP

Cyberattacks are a key and growing vector for intellectual property theft. Understanding the nature and scope of these cyberthreats – and how to combat them – is critical to protecting IP. With Cognito from Vectra, medical device manufacturers get the advanced, real-time network analysis and detection they need to protect valuable IP assets.

Protecting higher education networks from cyberthreats

Universities and colleges will continue to be a juicy target for cyberattackers. Cognito from Vectra arms IT security teams at higher education institutions with real-time automated threat hunting and incident response to rapidly detect known and unknown cyberattacks inside any network across the constantly evolving threat landscape.

Compliance Solutions

How Cognito from Vectra helps meet FFIEC cybersecurity requirements

This compliance brief explains how the Cognito threat detection and response platform supports specific cybersecurity assessment categories under the Federal Financial Institutions Examination Council (FFIEC), in conjunction with the National Institute of Standards and Technology (NIST).

How Cognito enables compliance with the General Data Protection Regulation (GDPR)

The GDPR protects personal information and enables the free flow of data between European Union member states and foreign entities. This compliance brief details how Cognito contributes to GDPR compliance and protects personal data by providing continuous, automated threat surveillance and detection across an organization’s network.

Download the German version
Download the French version

How Cognito addresses key elements of the NIST framework

This compliance brief highlights key components of the NIST cybersecurity framework and explains in detail how the Cognito platform addresses these key components. Vectra provides operators of critical infrastructure with real-time automated threat hunting and incident response across the entire enterprise.

How Cognito supports DFARS and the NIST framework

Embracing key parts of the NIST framework in support of the Defense Federal Acquisition Regulation Supplement, the Cognito cybersecurity platform provides DoD contractors and subcontractors with continuous, automated threat detection and response across enterprise networks – from cloud and data center workloads to user and IoT devices.

How Cognito enables the implementation of an adaptive security architecture

An adaptive security architecture, as described by Gartner, encompasses four vital capabilities – prevention, detection, response and prediction – all of which must work in concert. Cognito addresses the need for an adaptive security architecture by providing continuous, automated threat hunting across the entire enterprise network.

Read the Gartner report, Designing an Adaptive Security Architecture for Protection From Advanced Attacks

How Cognito meets CIS Critical Security Controls 6.0

Critical Security Controls developed through federal and community efforts, coordinated by the SANS Institute, and maintained by the Center for Internet Security can mitigate modern attack profiles. “By adopting basic cyber hygiene, enterprises can reduce their cyberrisk profile,” says Jane Holl Lute, board member and former CEO at CIS.

How Cognito meets PCI DSS 3.2 requirements

This compliance solution brief explains how Cognito addresses specific PCI DSS 3.2 compliance requirements while providing real-time insight into active cyberthreats. Automated reporting capabilities enable organizations to create a PCI DSS compliance audit trail and take decisive action to stop attacks and mitigate their impact.

Technology Partner Solutions

Cognito enhances data center protection through VMware

By integrating with the VMware vSphere hypervisor, vCenter management console and NSX Network Virtualization and Security Platform, Cognito addresses critical vulnerabilities at every layer of the virtualized data center and exposes cyberattacks against applications, data, virtualization layers and the underlying physical infrastructure.

Faster network and endpoint detection and response

The integration of the Cognito automated threat hunting platform with Falcon Insight endpoint detection and response unifies network and endpoint context to quickly detect, verify and isolate cyberattacks. Together, Cognito and Falcon Insight can stop active cyberattacks faster while increasing the efficiency security operations teams.

Detect and mitigate cyberattacks with Cognito and Carbon Black

The integration of Cognito from Vectra with Cb Response from Carbon Black lets security teams unify network and endpoint context to rapidly detect, verify, and isolate cyberattacks in the enterprise. Together, we make it easier to stop active cyberattacks while getting more out of limited time and manpower of IT security teams.

Integrating Cognito with Micro Focus ArcSight

The Cognito and Micro Focus ArcSight SIEM integration brings all Cognito detections and host scores directly into the ArcSight dashboard, enabling them to be easily integrated into existing security workflows.

Integrating Cognito with IBM QRadar

The Cognito and QRadar integration empowers fast, context-driven cyberattack investigations. They deliver practical solutions to persistent problems that often plague security teams – finding and stopping hidden cyberattacks inside networks, while getting more out of your security team’s limited time and resources.

Integrating Cognito with Splunk

Cognito integrates AI-based automated threat hunting and incident response with the operational intelligence of the Splunk platform. Together, they solve one of the most persistent problems facing enterprise cybersecurity teams – finding and stopping active cyberattacks while getting more out of limited time and resources.

Vectra Active Enforcement for the Demisto security automation and orchestration platform

Vectra Active Enforcement for Demisto turns Cognito threat detections into action by integrating with other security solutions to stop attacker traffic or quarantine infected hosts. Collaboration and forensics capabilities provide efficiency and include advanced investigation features that automate data enrichment and analysis.

Vectra Active Enforcement for the Phantom security automation and orchestration platform

The Vectra Active Enforcement application for Phantom automatically detects hidden cyberattack behaviors, pinpoints host devices at the center of an attack, and blocks threats before key assets are damaged or stolen. Together, they prompt rapid enforcement actions by next-generation firewalls, endpoint security and NAC solutions.

Juniper and Cognito create a new class of advanced persistent threat defense

Using the Spotlight Secure Connector API, the Cognito platform analyzes internal network traffic to reveal all phases of an active cyberattack, including hidden command-and-control communications, internal reconnaissance behaviors, lateral movement, botnet monetization fraud, and data exfiltration.

Gigamon provides intelligent traffic filtering for Cognito

The GigaSECURE® platform from Gigamon provides intelligent filtering on physical and virtual networks and passes that traffic to the Cognito threat detection and response platform for real-time threat analysis. Multiple Gigamon tap points deployed at the edge and core provide Cognito with intelligent traffic filtering at key points.

Ixia provides complete network access for Cognito

Ixia Network Packet Brokers passively direct out-of-band network traffic from multiple network access points – such as SPANs, taps and virtual taps (vTaps) – to the Vectra X-series appliance for inspection and analysis. Traffic is aggregated from these access points, which results in vastly improved network visibility and greater operational efficiency.

Company Backgrounder

Everything you need to know about Vectra

Incorporated in 2011, Vectra is the leader in real-time detection of in-progress cyberattacks. The company’s AI-based Cognito threat detection and response platform continuously and automatically monitors internal network traffic to immediately detect cyberattacks while they are happening.