Exabeam partners with Vectra AI to boost cloud threat defence


Techday NZ, 21-05-2025

Exabeam has announced a partnership with Vectra AI to integrate the Exabeam New-Scale Security Operations Platform with the Vectra AI Platform.
The collaboration aims to address the challenges faced by security teams in identifying advanced threats, particularly those that move laterally across cloud environments. Many existing solutions, originally developed for on-premises systems, struggle to detect these attacks, resulting in delayed responses and increased manual workloads for analysts.
The integration combines Exabeam's SIEM, user and entity behaviour analytics (UEBA), and automated workflows with Vectra AI's network detection and response (NDR) capability. According to Exabeam, this unified solution will centralise visibility, accelerate threat detection, and streamline investigation processes across cloud-based environments.
Vectra AI's platform provides visibility into lateral threat movement by monitoring activity both east-west and north-south across a variety of network architectures, including data centres, campus facilities, remote workspaces, cloud, and operational technology (OT) environments. By incorporating Vectra AI's analytics into the Exabeam infrastructure, the two companies aim to give security teams improved detection and response capabilities.
Steve Wilson, Chief AI and Product Officer at Exabeam, said, "Teaming up with Vectra AI isn't just a partnership, it's a power move. We need to shift the balance in cybersecurity, putting defenders back in control. With their cloud threat intel and our AI-driven platform, we're exposing the threats others miss and flipping the script on what modern threat detection looks like."
The integration is designed to provide a number of practical benefits. Accelerated threat detection is achieved by consolidating security data from various sources and automating processes throughout the security operations centre (SOC) stack. This allows analysts to identify and respond to incidents faster and with greater accuracy.
Enhanced visibility is another feature, with the combined platform able to detect network-based risks throughout cloud infrastructures by leveraging behavioural analytics. This helps security teams spot lateral movement, insider threats, and post-compromise activities that traditional tools might overlook.
Streamlined operations are facilitated by out-of-the-box integration features. These include prebuilt mappings, a preconfigured Vectra AI dashboard tile, and webhook collectors, all of which are intended to speed up deployment and reduce ongoing operational complexity for SOC teams.
Jeff Reed, Chief Product Officer at Vectra AI, said, "Security teams today need visibility to stay ahead of advanced threats, especially as attacks become more complex and move across hybrid and cloud environments. By integrating Vectra AI's advanced NDR with Exabeam's powerful SIEM and automation capabilities, we're empowering teams with a unified, intelligent platform to quickly identify, investigate, and stop threats before they escalate. This partnership is a major step forward in modernising security operations for the AI-driven threat landscape."
The partnership is built on the understanding that today's threat landscape is increasingly shaped by cloud adoption and remote work, where attack vectors are more diverse and attacks often bypass traditional network boundaries. By providing centralised and integrated defence tools, Exabeam and Vectra AI aim to help organisations keep pace with these developments and reduce the burden on security staff.
Analysts using the integrated platform are expected to benefit from simplified incident investigations, less manual effort, and improved overall security outcomes. The new solution is positioned as addressing a market demand for unified threat detection and response that adapts to both legacy systems and modern, cloud-native environments.


Related Articles

Red Canary deploys AI agents to slash security investigation times

Techday NZ, 12-06-2025

Red Canary has announced the introduction of a suite of AI agents designed to perform tier 2 security investigations at the pace and calibre of experienced analysts. These AI agents have already conducted over 2.5 million investigations, reportedly reducing the average investigation time by 90%. The agents are trained on a decade's worth of operational data and provide contextual gathering, alert enrichment, and recommended actions for identified threats, with a stated aim to lessen alert noise and assist security teams in managing evolving threats without increased complexity or risk.

Reducing manual security tasks

The AI agents are described as specialists across every phase of detection, investigation, and response. They cover roles including security operations centre (SOC) analyst, detection engineering, threat intelligence, and user analysis, automating many procedures traditionally undertaken by security experts. For organisations, this means the agents automate both Tier 1 and Tier 2 analyst tasks in various environments such as cloud, identity, Security Information and Event Management (SIEM), and endpoint systems. According to Red Canary, this leads to faster root cause analysis and remediation of security incidents. In addition, a threat intelligence agent compares threats against known profiles, identifying new trends and aiding intelligence operations.

Impact and efficiency

Red Canary states that, by automating analyst-level workflows, customers have reduced investigation times from over 20 minutes to under three minutes on average, with the company citing a 99.6% customer-validated true positive rate. The system is built to be enterprise-grade, with training on 10 years of real-world data and with continuous oversight by security operators to ensure consistency and reliability.

"Several years ago, we introduced automation to replace repetitive Tier 1 work," said Brian Beyer, CEO and Co-founder of Red Canary. "Now, by combining the best of agentic AI with AI agents that are equipped with years of frontline experience, we're taking the next leap—accelerating Tier 2 investigations with the speed of automation and the judgment of experienced security analysts. This shift allows every Red Canary detection engineer to focus on Tier 3-level analysis, delivering deeper insights and stronger outcomes for our customers."

Practical use cases

Red Canary offered specific examples to illustrate the value of the AI agents. In one scenario, a user behaviour analysis agent flagged an anomalous Salesforce login, missed by other tools. A reputation analysis agent added context by identifying the login as originating from a high-risk IP address. Red Canary's team validated the threat and quickly alerted the customer, allowing for immediate password reset and containment within minutes.

Another example involved a compromised account detected through alert enrichment and user behaviour analysis. These agents identified a suspicious application and proxy activity from an unfamiliar ISP and geography. A Red Canary detection engineer confirmed that a user's access token had been compromised and notified the customer's security operations team for swift response.

Scope of agent capabilities

The suite currently includes agents specialised for specific systems, including Microsoft Defender for Endpoint, CrowdStrike Falcon Identity Protection, AWS GuardDuty, and Microsoft Sentinel. These agents are designed to deliver consistent procedures for their respective environments. The response and remediation agent offers concrete steps for both addressing current incidents and hardening systems to reduce future risk, while the user baselining and analysis agent highlights deviations in user activity by comparing real-time behaviour to historical patterns.

Red Canary underscores that its agents are not fully autonomous decision-makers; instead, their outputs are subject to the oversight of experienced detection engineers, aiming to balance automation, reliability, and human judgement. This development represents an ongoing trend in the security sector towards applying artificial intelligence to reduce manual workloads, lower incident response times, and support strained security teams. According to Red Canary, its focus remains on reducing noise, accelerating triage, and providing expert analysis for each threat faced by its clients.

Tower Partners With Sedgwick

Scoop, 08-06-2025

Press Release – Tower

Tower has today announced a new partnership with Sedgwick, a global leader in loss adjusting, to ensure fast claims assessments for Tower customers during large weather events. The new partnership means Tower will have access to additional support from Sedgwick's loss adjusters across New Zealand and the Pacific. External loss adjusters are typically used in the insurance industry for continuity of service in times of increased demand, for example, during stormy weather.

Tower Chief Claims Officer Steve Wilson says, 'As a forward-thinking insurer, we are thrilled to partner with Sedgwick to help ensure we continue to be there for our customers, no matter what.'

'The Tower team will still be with you every step of the way to progress and settle your claim. This partnership means we can assess damage and start the claims process faster during claims peaks, with more loss adjusting resource ready to go, if needed.'

The new partnership will benefit all Tower customers throughout New Zealand and the Pacific, including in smaller locations where Tower may not have a large in-region assessing or loss adjusting team. The increased assessing resource also means specialist Tower assessors are focused on handling more complex claims.

Sedgwick New Zealand CEO Philip van Zyl says, 'We're delighted to support Tower, as a trusted Kiwi business that shares our commitment to helping communities rebuild after a loss. Through this partnership, we will combine our strengths and expertise to drive better outcomes for all stakeholders. It is about making recovery smoother, more accessible, and more effective for everyone impacted.'

About Tower

Born and bred in New Zealand, Tower has been supporting Kiwis when they need it most for more than 155 years. In that time, we've grown to operate across New Zealand and the Pacific islands, providing our customers with cover for their houses, cars, contents, businesses and more. While our heritage is important to us, we've also set our sights on the future. Tower's focus on innovation and investment in large-scale digital transformation has enabled the business to evolve rapidly, in line with the latest in technology and customer expectations. The result is customer-focused, digital-first insurance solutions – combined with joining forces with like-minded partners, Tower has been able to create more, simpler products, to suit the modern lifestyles of its customers. For more information, see

About Sedgwick

Sedgwick is the world's leading risk and claims administration partner, helping clients thrive by navigating the unexpected. The company's expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration and product recall. With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape. Sedgwick's majority shareholder is The Carlyle Group; Stone Point Capital LLC, Altas Partners, CDPQ, Onex and other management investors are minority shareholders. For more information, see

