Vectra AI was a valuable addition to our cybersecurity tools. It helps us protect our assets and the company network from modern attacks. Our security analysts use Vectra AI to go through detections of anomalies in our environment. Easily integrated with M365 and Azure AD. We were able to quickly identify and prevent data leakage by investigating a suspicious M365 mail forwarding detection by Vectra AI. Other M365 detections we observed included risky Exchange Operations, Phishing simulation configuration change, Suspect eDiscovery Usage, Malicious links sent by external Teams user, and many more. Detections that helped our SOC team prevent a major cyber incident was Azure AD Admin account creation, Login attempts from a disabled account, Azure AD TOR activity, Azure AD Suspicious device registration, among others. A great feature is the AI intelligence as well as the Vectra AI Post-Quantum Cryptography Readiness dashboard. Quantum computing threatens today's public-key cryptography, putting SSH and TLS key exchanges at risk of future decryption. This Vectra AI dashboard highlights hosts and daily SSH connections still relying on non-PQC key exchange, helping us identify exposure and prioritize migration to quantum-resistant algorithms. The interface loads fast and offers clear visualization allowing our SOC analysts to explore our environment to uncover emerging threats. When assistance was needed, we received fast and professional support from the vendor. Cost may be a limitation for some, however, for us being a large company with permissive budget, it was a good investment for the value it brought.

easy to work with and clear method of learning to use

Ease of deployment, intuitive UI, and easy to work with sales and support staff.