Network detection and response (NDR) leader Vectra AI has released StreamPlus, an on-premises data lake that collects, stores, and searches important network metadata for organisations that do not use the cloud due to compliance protocols or lack of resources. StreamPlus delivers turnkey productivity by offering all the value of Vectra’s Cognito Stream without the onerous task of building and managing a data lake. StreamPlus ensures complete control over infrastructure data to meet growing privacy and compliance concerns while empowering proactive threat hunting and investigations to thwart attacks.
Despite a growing appetite for public cloud in the Middle East, and major players including Microsoft, Amazon Web Services, Oracle, IBM, Alibaba and SAP establishing regional data centers, several organisations — especially in government, defense, finance and critical infrastructure — have opted to maintain mission-critical workloads in private data centers.
Ammar Enaya, Regional Director, Middle East, Turkey and North Africa (METNA) at Vectra, said, “The decision to keep certain business-critical workloads on-prem is even pronounced when it comes to cybersecurity as regulatory and compliance frameworks can also add a layer of complexity. However, with digital forensics playing such an important role in effective threat mitigation, there is need for an effective alternative to cloud based offerings.”
In recent months, it has been proven that exposing existing security gaps, including hidden attackers within an organisation’s network, is critical for maintaining a healthy security posture. To empower security teams with the time and tools to properly conduct a proactive investigation, a data record and breakdown of network traffic is invaluable. With StreamPlus, organisations can seamlessly complete investigations using fourteen different security-enriched metadata streams, including iSession, DNS, DHCP, and many others. StreamPlus further simplifies investigations by allowing analysts to examine specific device names rather than IP addresses.
“Organisations around the world must ensure their data remains secure and under their control,” said Willem Hendrickx, Senior Vice President, International at Vectra. “StreamPlus keeps critical network metadata within their physical and logical boundaries, providing access to relevant data for investigations and threat hunting, and ensuring adherence with organizational requirements and compliance mandates.”
StreamPlus is delivered in Zeek format, meaning customers benefit from an on-premises data lake without the management overhead, cost burden, or scale limitations that often accompany open-source alternatives. To further accelerate productivity, Vectra has also included curated experiences for investigating accounts and a full suite of dashboards for each of the metadata streams. This ultimately provides universal visibility, reduces costs by storing curated network metadata, and exposes gaps in an organisation’s security posture through proactive investigation and threat hunting.