Veronica Martin caught up with Taj El-khayat, Managing Director – South EMEA at Vectra to discuss GITEX 2022 and the company’s plans for the region.
Why is Vectra pivoting to Attack Signal Intelligence?
Traditionally the threat detection response has been viewed as a product that just goes into a data centre and starts doing its thing, so we really wanted organisations to really understand that there is a lot more than just having that product do what it’s supposed to do, as the techniques behind it and why we’re changing our whole concept of conversation into something that would become more meaningful to those organisations. Our platform is AI powered, AI enabled, and what that means is that for the last 10 years since we created our company, our AI algorithm has been learning, so we’ve trained our AI to the point where it now addresses the way that attackers think, it understands the techniques, threats and procedures that attackers go for.
What we have discovered is that the platform itself has the ability to give better coverage to the entire estate that is required to be covered in order for us to stop threats from becoming breaches. We don’t want organisations to think that by adding more tools to cover the surface, that’s the way to go. We want to give them a better way to cover the surface by using our multifaceted platform.
Clarity is also important because we don’t want the tool just to basically give detections and put data on dashboards. We want them to be meaningful. Our AI does the protections to avoid human error and, more importantly, when those detections actually happen.
AI provides better visibility on the real attacks to make sure that it’s automated and it’s driven without the human intervention. Our aim is to highlight the power of AI and how our AI has been trained, leveraging the fact that we give better coverage, clarity and control.
What are some of the trends and threats pushing Vectra towards this?
Attackers are becoming very smart creating breaches and damage, so for us it’s crucial to have the ability to stop those attackers from being able to use sophisticated threats. One of the biggest threats facing any organisation is not just the known threats, but also the unknown ones, and thanks to AI we can defend from the unknown ones. We also really care about monitoring techniques. We don’t really care what type of threat is, as long as we can identify the techniques that are actually happening by that attacker and use our algorithms to make sure that we stop it, detect it, and address it.
Can you tell our readers what differentiates your company from your market rivals?
We were the first that created AI enabled for detection response. Our AI is very powerful, and we have solidified our engagement with some of the largest organisations in the world.
We have also been able to prove that our detections are high fidelity, so we are one of the very few, if not the only ones that can actually detect immediately anomalies happening in the network.
We are the only ones we provide coverage from network and have a SaaS solution for detection and response. We don’t compromise our development and feature on our cloud like everybody else does. We do the same exact development, research and engineering on our own pre, which is air gap, meaning any highly sensitive military grade organisation can use our solution on-prem air gap without having the need of internet with the exact same level of technology. No differentiation whatsoever.
We also have our own data scientists and cybersecurity researchers that we use as part of our detection and response solutions.
We cover the entire spectrum of managed detection response services as we have our own analysts, data scientists and researchers. Every customer that signs with us an MDR service gets high end expertise available at their fingertips to help their teams enhance their ability to manage their stock operation centres and to be able to protect anomalies much quicker
We also play a major role of making sure that we do knowledge transfer, which makes us very unique, and we integrate out of the box with a lot of the leading EDR and cloud providers.
During the last five years many companies have invested a lot in cybersecurity, especially during the pandemic, as they just wanted to be secure, so we came in and made sure that all these investments were properly monetised by integrating and becoming a cost reduction mechanism for them.
All of these things differentiate us as a technology and AI innovator, but more importantly, as a core component of how next generation security operation centres are being reimagined today.
What are some of the key solutions that you are showcasing at GITEX?
We are building a live soft environment behind us here with three screens to show organisations how they can easily detect, because we are a plug and play type. We plug in our solution, we start simulating attacks, and they can see in front of them the attacks are being done live. You can see how the attacks start and, through automation and meta data visualisation, how we actually create response automation scripts to respond to those kinds of attacks.
What are the key messages you would like to communicate to the people attending GITEX?
Our focus is AI enabled technologies and technology, not to replace people, but to make them better. Our mission is to make the world a safer and fairer place. We don’t want to take anybody out of their mainstream but make them become an integrated part on how they do things in a better way to advance their own capabilities. Don’t be fixated to traditional and take a bold step to the future.
