Detect for M365 + AWS (Vectra M365)
Provide a SaaS Hosted threat detection & response platform for M365 and/or AWS
Features
- Stop attackers from stealing M365 data
- Detect and prioritize attacks in Microsoft 365
- See how attackers leverage native functionality to steal your data.
- Investigate and respond with full context and user history.
- Security-led AI sees, prioritizes, and stops attacks targeting your data
- Instant Investigations enable rapid response with zero query, one-click answers
Benefits
- Vectra stops attackers before they can do damage
- Investigate and respond with full context and user history.
- Security-led AI sees, prioritizes, and stops attacks targeting your data
- Instant Investigations enable rapid response with zero query, one-click answers
Pricing
£12.50 to £28.00 a licence
- Education pricing available
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at adam.jones@wizardcyber.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 13
Service ID
3 8 4 6 7 1 6 4 6 3 9 8 1 8 6
Contact
Wizard Cyber
Adam Jones
Telephone: 0800 029 1505
Email: adam.jones@wizardcyber.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- N/A
- Cloud deployment model
- Public cloud
- Service constraints
- N/A
- System requirements
-
- Connectivity from customer MS tenant logs
- AWS cloud trail logs to the Detect SaaS cloud
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 4-hour response time for all tickets during normal working hours (follow-the-sun support).1-hour response time for all business-critical issues 24 hours, seven day a week.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- Customer can sign up to the Slack support chat or use the Vectra support portal
- Onsite support
- Yes, at extra cost
- Support levels
- Unlimited 24/7 support for customers, with current software subscription packages. Support subscriptions include break-fix, diagnosis, recovery and final resolution for all software and hardware issues.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Customers have access to a dedicated customer success team and training services
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Data is not extracted. However it is permanently deleted upon termination of contact.
- End-of-contract process
- All relevant data is permanently deleted.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- All Services can be accessed via any HTML5 compatible device
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
- A Graphical UI
- Accessibility standards
- WCAG 2.1 A
- Accessibility testing
- N/A
- API
- No
- Customisation available
- Yes
- Description of customisation
- N/A
Scaling
- Independence of resources
- High Availability 99.9% uptime
Analytics
- Service usage metrics
- Yes
- Metrics types
- Total Accounts/ logs ingested concurrently + operational metrics
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
-
Data at rest and in transit is secured using at least 256-bit TLS encryption.
File encryption (e.g. PGP) and transport encryption (e.g. HTTPS) are utilized for transferring classified information - Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Customers can export their data in the form of reports.
- Data export formats
- Other
- Other data export formats
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Other
- Other protection between networks
-
Data at rest and in transit is secured using at least 256-bit TLS encryption.
File encryption (e.g. PGP) and transport encryption (e.g. HTTPS) are utilized for transferring classified information - Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
-
Data at rest and in transit is secured using at least 256-bit TLS encryption.
File encryption (e.g. PGP) and transport encryption (e.g. HTTPS) are utilized for transferring classified information
Availability and resilience
- Guaranteed availability
- The Vectra Detect for M365 + AWS service is built on AWS IAAS. The service is architected to provide a 99.999% uptime level of service.
- Approach to resilience
- The Vectra Detect for Office M365 & AWS service is built on AWS. The service is architected to provide a 99.999% uptime level of service.
- Outage reporting
- Customers will be informed by email of any planned or unplanned
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Vectra supports the SAML 2.0 standard for authentication, which can be used with our client's identity provider (IDP) to provide multi-factor authentication (MFA)
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
- Other
- Description of management access authentication
- Vectra supports the SAML 2.0 standard for authentication, which can be used with our client's identity provider (IDP) to provide multi-factor authentication (MFA)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- SOC2 +3rd party Via AWS
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- SOC2 is a set of controls developed by the American Institute of CPAs (AICPA)
- Information security policies and processes
- Vectra’s overall information security strategy is to provide reasonable and appropriate safeguardsto ensure the confidentiality, integrity, availability, and accountability of information assets byprotecting those assets from unauthorized access, use, disclosure, disruption, modification, and destruction.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Contained within Vectra's AI Change Management policy are the controls to manage change in our development process andinfrastructure. These controls provide a healthy balance of agility and security which allow us toproduce quality products and services to our clients
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
"Vectra's corporate vulnerability management program:
• Operating system security patches and software security patches are applied promptly on all computers within the Vectra network.
• Computers are configured to automatically receive operating system patches and software security patches when issued.
• A central policy server manages updates to all workstations within the Vectra network. All systems are constantly monitored by use of deployed agents and network wide policies, which push, install, and verify updates and patches as necessary." - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- All systems are constantly monitored by use of deployed agents and network wide policies, which push, install, and verify updates and patches as necessary.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Vectra AI has a Incident response policy which is designed in a way that limits damage and reduces recovery time and costs. This policy establishes the coordination of Vectra’s response to IT related incidents to enable quicker information gathering, reporting, and remediation.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
"The following environmental controls are used to maximize system availability and stability.
• Critical systems and network equipment are fitted with uninterruptable power supplies (UPS)
devices
•
In the event of a main power failure, all UPS's have sufficient power to keep the network and all
servers running until a back-up generator takes over
• Production data centers have redundant back-up generation with priority fuel contracts
• Software is installed on all servers to implement an orderly shutdown in the event of a total
power failure
• UPS devices and back-up generators are tested periodically
• Production data centers include the following environmental systems:
o FM-200 or dry-pipe, pre-action fire suppression
o Smoke and heat detection system
o HVAC monitoring system"
Pricing
- Price
- £12.50 to £28.00 a licence
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A free trial is available for 4 weeks with weekly scheduled engagements.
- Link to free trial
- Request Free Trial from Wizard Cyber
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at adam.jones@wizardcyber.com.
Tell them what format you need. It will help if you say what assistive technology you use.