Overview

Stream enables the Vectra Platform to continuously send enriched network security metadata from a VPC deployment to a private data-lake, where it can be analyzed by security researchers and SOC professionals. Please Note - Vectra Stream requires an operational Vectra install.

Highlights

Vectra is transforming cybersecurity with AI. Its Cognito platform provides network detection and response in real time while empowering threat hunters to perform highly efficient incident investigations.

Details

Sold by

Vectra AI

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Vectra Stream Connector

Info

View purchase options

Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Vendor refund policy

Contact your Vectra sales representative

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Version

Delivery details

Cognito Stream

Stream is a component of the Cognito Platform, required to use the Cognito Stream application. Stream is deployed in the customer's VPC. It receives network metadata from the Cognito Brain, converts it into a standard Bro / Zeek format and forwards it to the customer's data-lake.

CloudFormation Template (CFT)

AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

Version release notes

This release is for customers with existing Cognito Brain instances running version 8.7 and above. Please upgrade Brain instances to version 8.7 before continuing.

Additional details

Usage instructions

Verify your Cognito Brain is running version 7.8 or higher. Retrieve the IP Address of your Cognito Brain and the Sensor Registration Token from the Settings page under the Sensor section. Deploy Cognito Stream from AWS Marketplace, and provide the IP address of the Cognito Brain and the Sensor Registration token. The Stream instance's mgtSubnet needs access to ports 22 and 443 on the Cognito Brain. After the instance launches, it will automatically attempt to pair with the Brain IP provided. Log in to the Cognito Brain, browse to Settings page and select the Cognito Stream tab. Check the status and configure the destination for the metadata of the Stream instance. See the "Resources" section in the Cognito Brain UI for a copy of the complete setup documentation.

Resources

Vendor resources

Learn about Vectra and Cognito

Support

Vendor support

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Vectra Sensor

By Vectra AI

Vectra Sensors are deployed in VPCs to monitor AWS deployments to detect hidden threats without requiring any endpoint agents.

View product

Vectra Cognito Threat Detection and Response

By Vectra AI

Vectra® enables enterprises to immediately detect and respond to cyberattacks across cloud, data center, enterprise and IoT networks.

View product

Vectra Cognito for Service Delivery Partners (Billed Monthly)

By Vectra AI

Vectra Threat Detection and Response for Partner Provided Consulting Engagements

View product

Vectra Detect for AWS

By Vectra AI

Vectra Detect for AWS identifies attacks across your global AWS IaaS and PaaS footprint early to stop misconfiguration, credential theft and supply chain compromise from turning into breaches. Vectra Detect enables SecOps to investigate and respond to attacks efficiently.

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

18 external reviews

External reviews are sourced from G2 and are not included in the star rating for this product.

Paul D.

Team Manager, Enterprise Information Security

Reviewed on Sep 17, 2020

Review provided by G2

What do you like best about the product?

Ease of deployment, intuitive UI, and easy to work with sales and support staff.

What do you dislike about the product?

Reporting is lacking, currently only one report available with different timelines, also no ability to export from the console.

What problems is the product solving and how is that benefiting you?

Visibility of network traffic, analysis of network traffic, and baselining.

Leave a comment 0 comments

Joel V.

Easy to deploy and works great at finding evil.

Reviewed on Sep 11, 2020

Review provided by G2

What do you like best about the product?

Vectra finds what other controls miss. It is used to help with network visibility and integrates great with Splunk. We have passed every pen test since Vectra was deployed. The company has really listened to the customers and made big improvements over the last three years.

What do you dislike about the product?

It can get expensive if you have a lot of offices. The appliances are not cheap so if you have a bunch of smaller offices it can start to add up.

What problems is the product solving and how is that benefiting you?

Network visibility in east-west traffic is our primary use. Because we ingest the data in Splunk it is also used to evaluate incidents and help make decisions on incident prioritization.

Recommendations to others considering the product:

Vectra helps IR teams with prioritizing events. It can take some time to get everything reporting correctly so use the Vectra resources to help create the rules and whitelisting events is recommended.

Leave a comment 0 comments

Information Technology and Services

Unbeaten speed of innovation

Reviewed on Aug 27, 2020

Review provided by G2

What do you like best about the product?

Vectra does what it says on the tin, but goes beyond in providing a constant. speed of innovation that means they are constantly releasing new features. and detections, helping us to keep up to speed with any threats on our network

What do you dislike about the product?

As with any security tool, the alerts! But thankfully by monitoring the. quadrant based approach serious issues boil up for quick investigation.

What problems is the product solving and how is that benefiting you?

East-west visibility and identification of dark/unknown IT

Leave a comment 0 comments

Financial Services

Vectra AI Review

Reviewed on Jul 07, 2019

Review provided by G2

What do you like best about the product?

This is a high quality anomaly detection tool, very easy to understand and it helps very nicely to get reports, PCaps, and lets you see in an easy way what is happening in the network, this has top of the line algorithms, I simply love this product.

What do you dislike about the product?

Is very long process to tweak it to the point that it works perfect, but once that is done this is a beast

What problems is the product solving and how is that benefiting you?

Monitoring the network for cyberattacks

Recommendations to others considering the product:

This is an awesome tool for recognizing cyberattacks in real time

Leave a comment 0 comments

Sandy S.

"A good threat tool"

Reviewed on Jun 29, 2019

Review provided by G2

What do you like best about the product?

Generally excellent instrument to identify and stay away from digital assaults utilizing man-made consciousness progressively. Interestingly, the device advances as the strategies of digital assaults advance gratitude to the way that it depends on a man-made brainpower that is found out and improved after some time. It permits to discover digital assaults and dangers in the cloud, server farm and in business situations.

What do you dislike about the product?

Need all around data of the instrument to recognize possible security perils. This puts aside chance to end up acquainted with the product.I severely dislike about this is you need a minium of knowleadge about you see beacuse its overflowing with therms without information

What problems is the product solving and how is that benefiting you?

The eventual fate of security needs to settle on choices for people, however help people settle on choices all the more rapidly. This innovation is genuinely a power multiplier in an industry that is suffocating in information that necessities to drive choices.

Recommendations to others considering the product:

At present I would state that it is the best stage to distinguish, forestall and anticipate cyberattack dangers. My organization is one of the biggest banks on the planet and has depended on this instrument, after a long investigation by the IT specialists of the organization.

Leave a comment 0 comments

View all reviews