Real Time Container Level Security

Key outcomes from the Gigamon & Vectra AI Demonstration:

• Traffic capture and analysis: utilizes the GigaVUE Cloud Suite from Gigamon to effectively capture Kubernetes traffic, using the vSeries node and the UCT for comprehensive visibility.
• Vectra AI sensor processing: the captured traffic is forwarded to Vectra AI sensors over VXLAN, which undergoes decapsulation, optimization and transformation into metadata.
• AI-Driven threat detection: Vectra AI’s brain utilizes supervised and unsupervised models to analyze the metadata, detecting attacks by analyzing adversarial behavior.
• Reduced workload and effort due to alert prioritization and correlation; allows for consolidation and retirement of legacy IDS capabilities.
• Known threat matching: this component, based on the Suricata engine, complements the AI brain by identifying threats that match known signatures, enhancing the detection of both known and unknown threats.