惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Palo Alto Networks Blog
S
Security Affairs
T
Tor Project blog
T
Threatpost
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
A
Arctic Wolf
K
Kaspersky official blog
O
OpenAI News
Spread Privacy
Spread Privacy
人人都是产品经理
人人都是产品经理
爱范儿
爱范儿
Simon Willison's Weblog
Simon Willison's Weblog
雷峰网
雷峰网
P
Privacy & Cybersecurity Law Blog
Know Your Adversary
Know Your Adversary
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Last Week in AI
Last Week in AI
Martin Fowler
Martin Fowler
量子位
博客园_首页
Cyberwarzone
Cyberwarzone
博客园 - 三生石上(FineUI控件)
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
IT之家
IT之家
N
News and Events Feed by Topic
博客园 - 司徒正美
V2EX - 技术
V2EX - 技术
S
Schneier on Security
博客园 - 叶小钗
Attack and Defense Labs
Attack and Defense Labs
AI
AI
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 【当耐特】
Jina AI
Jina AI
C
CXSECURITY Database RSS Feed - CXSecurity.com
C
Cybersecurity and Infrastructure Security Agency CISA
D
Darknet – Hacking Tools, Hacker News & Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
大猫的无限游戏
大猫的无限游戏
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
V
V2EX
S
SegmentFault 最新的问题
V
Visual Studio Blog
PCI Perspectives
PCI Perspectives
Microsoft Security Blog
Microsoft Security Blog

Vectra AI Blog

Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Why You Need an NDR to Protect Your Modern Network Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI named in Gartner hype cycle for security operations 2025 Vectra AI Vectra AI How Sanofi Detected and Stopped a Cyberattack How MITRE ATLAS Helps Detect LLM Attacks in Cloud AI Detecting Iranian APT identity attacks across hybrid environments Vectra AI Vectra AI Vectra AI Breaking down the axios supply chain incident Vectra AI Vectra AI Who’s Doing What on Your Network? FortiClient EMS Zero-Day: When the Control Plane Becomes Initial Access Detecting Compromise After the Axios Supply Chain Attack. Vectra AI Vectra AI Vectra AI AI Is Now the Attack Surface: Why Your Security Stack Must Adapt Fast Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI How attackers use Brute Ratel (BRC4) Vectra AI Vectra AI Vectra AI The Cutting Edge: AI’s Inevitable Rise in Offensive Security Vectra AI Vectra AI Is AI the Right Tool to Defend Against Modern Cyberattacks? Vectra AI Vectra AI Vectra AI Turns Out Network Security Is Cool Again – and It’s Called NDR Vectra AI Vectra AI Vectra AI Choosing the Right NDR: Gartner’s 5 Questions Every Security Buyer Should Be Asking Vectra AI Vectra AI Named a Leader and Outperformer in the 2025 GigaOm Radar Report for Identity Threat Detection and Response (ITDR) Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI You Have the Right Tools. So Why Are Attackers Still Getting In? Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Challenges in Microsoft Log Monitoring: Insights for Your SOC Vectra AI Platform Visualizes Multi-domain Modern Attacks with Attack Graphs Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI Gartner Security and Risk Conference – Chaos meets Opportunity Vectra AI Named a Leader and Outperformer in the 2025 GigaOm Radar Report for Network Detection and Response (NDR) Presenting the 2025 Vectra AI Scholars Simplify Threat Investigation and Hunting with Pre-built Queries in Vectra Investigate The 2025 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) - Why Vectra AI Stands Tall Vectra AI Vectra AI Vectra AI Vectra AI Vectra AI How Black Basta Turned Public Data into a Breach Playbook Play’s New Tactics Bypass Traditional Defenses. Are You Ready? Charting a New Era of Network Security: Vectra AI at the Forefront Unlocking Operational Efficiency: How Vectra AI Drives 40% Gains in SOC Performance and 391% ROI Identity-Centric Attacks: The New Reality for UK Retail CISA Flags Fast Flux as a National Threat: Are You Covered? AI Agents: What Do They Mean in Cybersecurity?
Closing Modern Attack Gaps: How Vectra AI + Zscaler Deliver Modern Network Protection
Zoey Chu · 2026-06-03 · via Vectra AI Blog

This post was co-authored by Brad Woodberg, Sr. Director Product Management, Vectra AI, and Abhishek Gupta, Principal Field Product Management, Zscaler

The network has changed.

Users work everywhere. Applications live across SaaS, cloud, and private environments. Traffic is increasingly encrypted. And attackers have adapted faster than most security architectures.

Over the last several years, organizations have embraced Zero Trust and Security Service Edge (SSE) architectures to securely connect users to applications wherever they are. That shift has dramatically improved access security and reduced reliance on legacy VPNs and perimeter defenses.

But modern attackers don't stop at the access layer.

They hide command-and-control traffic inside encrypted sessions. They move laterally across hybrid environments. They compromise identities and abuse legitimate SaaS workflows. In other words, they exploit the gaps between what network teams can see and what security teams can investigate.

That is why Vectra AI and Zscaler have expanded our integration.

Together, we combine Zscaler's Zero Trust Exchange with Vectra AI's AI-driven threat detection and investigation capabilities to provide a unified view across internet traffic, private application access, cloud environments, and modern identities. The result is a shared operational picture that helps bridge the longstanding divide between NetOps and SecOps.

From Hunt Club to Zenith Live: A Shared Vision for Modern Network Protection

Earlier this year, we had the opportunity to present together at Vectra AI's Hunt Club customer conference, where we shared our joint vision for Modern Network Protection. The presentation focused on a simple reality: organizations have modernized access with Zero Trust and SSE, but attackers have modernized faster.

Today's attacks span internet traffic, SaaS applications, identities, cloud workloads, and private applications. Security teams need more than access controls—they need continuous visibility into attacker behavior across the entire attack lifecycle.

The Vectra AI and Zscaler partnership addresses this challenge by combining:

  • Zscaler's Zero Trust Exchange for secure access and rich traffic visibility
  • Vectra AI Attack Signal Intelligence for AI-driven threat detection, prioritization, and investigation
  • Shared visibility across users, devices, identities, applications, and networks
  • Operational alignment between NetOps and SecOps teams

For those interested in the technical details of the integration, we encourage you to read our joint technical deep dive:

Deep Dive Inside the Zscaler and Vectra AI Integration

https://www.zscaler.com/blogs/product-insights/deep-dive-inside-zscaler-and-vectra-ai-integration

Hunt Club Presentation: Modern Network Protection

The presentation expands on the architectural concepts discussed in this blog and demonstrates how organizations can use Zscaler and Vectra AI together to reduce blind spots across modern hybrid environments.

Three Ways Vectra AI and Zscaler Help Bridge NetOps and SecOps

For architects attending Zenith Live, here are three real-world use cases that demonstrate how the integration delivers value.

Use Case 1: Detecting Hidden Command-and-Control Traffic

One of the most difficult challenges for security teams is identifying "low-and-slow" command-and-control activity that intentionally blends into legitimate internet traffic.

Modern attackers frequently use techniques such as domain fronting, fast-flux infrastructure, and encrypted HTTPS communications to evade traditional URL filtering and reputation-based controls. The destination changes constantly, making detection difficult.

Zscaler provides rich visibility into internet-bound traffic and securely brokers user connections through the Zero Trust Exchange. Vectra AI then applies behavioral analytics and advanced fingerprinting techniques to identify suspicious patterns that remain consistent even when attacker infrastructure changes.

The outcome is precise detection without disrupting legitimate cloud services.

For the SOC, this means faster threat hunting and more confident investigations. For NetOps, it means maintaining user connectivity while security teams gain the evidence they need to act.

Most importantly, teams gain visibility into attacker behavior—not just destinations and indicators—which is increasingly critical in an encrypted world.

Deep Dive into this use case:  https://www.zscaler.com/blogs/product-insights/deep-dive-inside-zscaler-and-vectra-ai-integration

Use Case 2: Connecting Internet Activity to Lateral Movement

Many attacks do not begin with ransomware. They begin with reconnaissance.

A suspicious download. An unusual authentication attempt. A user probing internal systems. Individually, each event may appear benign. Together, they often reveal the early stages of an attack.

This is where the combined visibility provided byVectra AI and Zscaler becomes especially powerful.

By correlating internet activity from Zscaler Internet Access (ZIA) with private application access data from Zscaler Private Access (ZPA), Vectra AI can identify attack progression across environments. Security teams can see when a device that triggered suspicious internet activity begins scanning internal resources, attempting SMB connections, or enumerating sensitive systems.

Instead of responding to isolated alerts, teams gain attack-stage context.

This allows SOC analysts to prioritize investigations based on attacker behavior rather than alert volume. At the same time, network teams can work from the same evidence to isolate affected assets and contain threats before they spread.

The result is exactly what modern organizations need: a shared workflow between NetOps and SecOps built around facts, not assumptions.

Deep Dive into this use case:  https://www.zscaler.com/blogs/product-insights/deep-dive-inside-zscaler-and-vectra-ai-integration

Use Case 3: Detecting Compromised Identities and SaaS Abuse

Today's attackers increasingly bypass malware altogether.

Rather than breaking in, they log in.

Using stolen credentials, session hijacking, or sophisticated phishing techniques, attackers gain access to trusted SaaS applications and then use legitimate administrative functions to move quietly through the environment.

These attacks are difficult to detect because the activity often appears legitimate.

Vectra AI identifies abnormal identity behavior, such as unusual access patterns, privilege escalation attempts, or suspicious SaaS activity. Zscaler provides critical context about which applications are being accessed and whether those applications are unusual for that user.

Together, security teams gain visibility into both the identity and the activity.

This enables organizations to detect compromised accounts earlier, terminate risky sessions, enforce additional authentication requirements, and stop data loss before it occurs.

In a world where identity has become the new perimeter, this visibility is critical.

Deep Dive into this use case:  https://www.zscaler.com/blogs/product-insights/deep-dive-inside-zscaler-and-vectra-ai-integration

Why This Matters for Network and Security Architects

One of the key themes from our Hunt Club presentation was that the traditional distinction between network operations and security operations is disappearing.

Network architects are increasingly responsible for enabling secure connectivity across distributed users, applications, and cloud environments. Security architects are increasingly dependent on network telemetry and context to understand attacker behavior.

The Vectra AI and Zscaler integration creates a common operational framework where both teams can answer critical questions:

  • Is this user behaving normally?
  • Is this application access expected?
  • Is this encrypted traffic legitimate?
  • Is this identity compromised?
  • Is this activity part of a larger attack campaign?

By combining Zero Trust access controls with AI-driven attack detection, organizations gain both prevention and visibility—two capabilities that are increasingly inseparable.

A Shared Vision for NetOps and SecOps

Historically, network teams have focused on connectivity and performance while security teams have focused on risk reduction and threat response.

The reality is that modern attacks don't respect organizational boundaries.

Attackers move across cloud, SaaS, identity, internet, and private application environments as a single campaign. Defenders need the same unified perspective.

The Vectra AI and Zscaler integration helps organizations eliminate blind spots, accelerate investigations, and improve operational collaboration. It enables NetOps and SecOps teams to work from a common source of truth while maintaining the performance, user experience, and Zero Trust principles that modern enterprises demand.

As enterprises continue their digital transformation journeys, success will depend on more than secure access. It will require the ability to see, understand, and stop modern attacks wherever they occur. That's the vision behind the Vectra AI and Zscaler partnership—and we're excited to continue that journey with customers at Zenith Live.

To learn more about the technical integration, visit Zscaler's deep-dive blog: https://www.zscaler.com/blogs/product-insights/deep-dive-inside-zscaler-and-vectra-ai-integration

Additional Vectra AI + Zscaler Resources:

Vectra AI: Gain end-to-end visibility — north-south and east-west

Vectra AI: Vectra AI + Zscaler Secure Zero Trust Access

Zscaler: Two Magic Quadrant™ Leaders Become Partners: Zscaler and Vectra AI Combine Forces

Zscaler: Bridging the Gap Between NetOps and SecOps