    Vectra Stream Connector

    Sold by: Vectra AI 
    The Vectra Stream connector outputs Bro/Zeek formatted metadata from the Vectra Network Detection and Response Platform to any data-lake.

    Overview

    Stream enables the Vectra Platform to continuously send enriched network security metadata from a VPC deployment to a private data-lake, where it can be analyzed by security researchers and SOC professionals. Please note: Vectra Stream requires an operational Vectra install.

    Highlights

    • Vectra is transforming cybersecurity with AI. Its Cognito platform provides network detection and response in real time while empowering threat hunters to perform highly efficient incident investigations.

    Details

    Delivery option
    Cognito Stream

    Operating system
    OtherLinux 7

    Pricing

    Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    Vendor refund policy

    Contact your Vectra sales representative

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Cognito Stream

    Stream is a component of the Cognito Platform, required to use the Cognito Stream application. Stream is deployed in the customer's VPC. It receives network metadata from the Cognito Brain, converts it into a standard Bro / Zeek format and forwards it to the customer's data-lake.

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Version release notes

    This release is for customers with existing Cognito Brain instances running version 8.7 and above. Please upgrade Brain instances to version 8.7 before continuing.

    Additional details

    Usage instructions

    Verify your Cognito Brain is running version 7.8 or higher. Retrieve the IP address of your Cognito Brain and the Sensor Registration Token from the Settings page under the Sensor section. Deploy Cognito Stream from AWS Marketplace, and provide the IP address of the Cognito Brain and the Sensor Registration Token. The Stream instance's mgtSubnet needs access to ports 22 and 443 on the Cognito Brain. After the instance launches, it will automatically attempt to pair with the Brain IP provided. Log in to the Cognito Brain, browse to the Settings page and select the Cognito Stream tab. Check the status and configure the destination for the metadata of the Stream instance. See the "Resources" section in the Cognito Brain UI for a copy of the complete setup documentation.

    Support

    Vendor support

    Login, email or call us 24/7

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Customer reviews

    Ratings and reviews

    0 ratings
    0 AWS reviews | 18 external reviews
    External reviews are sourced from G2 and are not included in the star rating for this product.
    Paul D.

    Team Manager, Enterprise Information Security

    Reviewed on Sep 17, 2020
    Review provided by G2
    What do you like best about the product?
    Ease of deployment, intuitive UI, and easy to work with sales and support staff.
    What do you dislike about the product?
    Reporting is lacking, currently only one report available with different timelines, also no ability to export from the console.
    What problems is the product solving and how is that benefiting you?
    Visibility of network traffic, analysis of network traffic, and baselining.
    Joel V.

    Easy to deploy and works great at finding evil.

    Reviewed on Sep 11, 2020
    Review provided by G2
    What do you like best about the product?
    Vectra finds what other controls miss. It is used to help with network visibility and integrates great with Splunk. We have passed every pen test since Vectra was deployed. The company has really listened to the customers and made big improvements over the last three years.
    What do you dislike about the product?
    It can get expensive if you have a lot of offices. The appliances are not cheap so if you have a bunch of smaller offices it can start to add up.
    What problems is the product solving and how is that benefiting you?
    Network visibility in east-west traffic is our primary use. Because we ingest the data in Splunk it is also used to evaluate incidents and help make decisions on incident prioritization.
    Recommendations to others considering the product:
    Vectra helps IR teams with prioritizing events. It can take some time to get everything reporting correctly so use the Vectra resources to help create the rules and whitelisting events is recommended.
    Information Technology and Services

    Unbeaten speed of innovation

    Reviewed on Aug 27, 2020
    Review provided by G2
    What do you like best about the product?
    Vectra does what it says on the tin, but goes beyond in providing a constant speed of innovation that means they are constantly releasing new features and detections, helping us to keep up to speed with any threats on our network.
    What do you dislike about the product?
    As with any security tool, the alerts! But thankfully by monitoring the quadrant based approach serious issues boil up for quick investigation.
    What problems is the product solving and how is that benefiting you?
    East-west visibility and identification of dark/unknown IT
    Financial Services

    Vectra AI Review

    Reviewed on Jul 07, 2019
    Review provided by G2
    What do you like best about the product?
    This is a high quality anomaly detection tool, very easy to understand and it helps very nicely to get reports, PCaps, and lets you see in an easy way what is happening in the network, this has top of the line algorithms, I simply love this product.
    What do you dislike about the product?
    It is a very long process to tweak it to the point that it works perfectly, but once that is done this is a beast.
    What problems is the product solving and how is that benefiting you?
    Monitoring the network for cyberattacks
    Recommendations to others considering the product:
    This is an awesome tool for recognizing cyberattacks in real time
    Sandy S.

    "A good threat tool"

    Reviewed on Jun 29, 2019
    Review provided by G2
    What do you like best about the product?
    Generally excellent instrument to identify and stay away from digital assaults utilizing man-made consciousness progressively. Interestingly, the device advances as the strategies of digital assaults advance gratitude to the way that it depends on a man-made brainpower that is found out and improved after some time. It permits to discover digital assaults and dangers in the cloud, server farm and in business situations.
    What do you dislike about the product?
    Need all around data of the instrument to recognize possible security perils. This puts aside chance to end up acquainted with the product. I severely dislike about this is you need a minimum of knowledge about you see because it's overflowing with terms without information.
    What problems is the product solving and how is that benefiting you?
    The eventual fate of security needs to settle on choices for people, however help people settle on choices all the more rapidly. This innovation is genuinely a power multiplier in an industry that is suffocating in information that necessities to drive choices.
    Recommendations to others considering the product:
    At present I would state that it is the best stage to distinguish, forestall and anticipate cyberattack dangers. My organization is one of the biggest banks on the planet and has depended on this instrument, after a long investigation by the IT specialists of the organization.