The Cognito platform from Vectra provides continuous, automated threat surveillance to proactively expose hidden and unknown cyberattackers that actively spread inside networks. The genesis of Cognito is based on a simple principle for finding hidden threats: use an authoritative source of data and seek out the fundamental threat behaviors that cybercriminals can’t avoid when they carry out an attack.
To do this, Cognito relies on the only source of truth during a cyberattack – network traffic. Only traffic on the wire – whether in private data centers, public clouds or enterprise environments – reveals the truth with complete fidelity and independence. Low-fidelity perimeter security only shows what you’ve already seen, not the hidden attacks that were missed.
Cognito delivers a far more efficient way of analyzing network traffic at scale. Instead of traditional payload inspection, it uses AI, machine learning and behavioral traffic analysis to expose the fundamental behaviors of attackers as they spy, spread, and steal in the network – even in encrypted traffic. By automating cyberattacker detection, analysis and incident response, Cognito AI condenses days or weeks of work into minutes, reducing the threat investigation workload. For more details, see https://vectra.ai/how-it-works.