search
WebsiteTest DriveStatus

Vectra AI

The Dropzone AI Platform integrates with Vectra AIarrow-up-right, an AI-driven NDR platform for automated threat detection and response across hybrid networks, including public clouds, SaaS, identity systems, and data centers. Dropzone supports both Cloud and On-premise deployments of Vectra AI.

hashtag
Create an API Client (Cloud Deployment)

If you have a Cloud deployment, Vectra AI requires an API Client and Secret Key to enable.

To obtain these, do the following:

  • Log in to your Vectra AI console

  • In the left sidebar, navigate to Manage > API Clients

  • Click "Add API Client"

Add API Client

  • Name the client something memorable, such as "Dropzone AI"

  • Assign the client the Read-Only role

  • Click "Generate Credentials"

Generate the API Client

  • Copy the Client ID and Secret Key generated for use later in the Dropzone UI, where they are called "OAuth2 Client ID" and "OAuth2 Client Secret," respectively

Save the credentials

hashtag
Create an API Token (On-Premise Deployment)

  • Log in to your Vectra AI console

  • In the left sidebar, navigate to My Profile

Click "My Profile"

  • Click "View API Token"

  • Input your password, then click "Continue"

Input your credentials

  • Copy the API token shown for use later in the Dropzone UI, where it is called "API Token"

Copy the API Token

  • Click "Close"

hashtag
Enable Vectra AI

To enable the Alert Source integration, you'll need the following information:

Dropzone Field
Source

Deployment Type

Your Vectra AI deployment type, e.g. Cloud or On-premise

Vectra AI URL

The base URL of your Vectra instance, e.g. https://api.vectra.ai or https://10.20.1.5

OAuth2 Client ID

The Client ID value you copied earlier. Only necessary for Cloud deployments

OAuth2 Client Secret

The Secret Key value you copied earlier. Only necessary for Cloud deployments

Vectra AI Server

The server hostname of your on-premise deployment, e.g. 10.20.1.5

Vectra AI Port

The API port of your on-premise deployment

To enable the Alert Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • In the bottom left hand corner, navigate to Settings > Integrations

Integrations Dropdown

  • Click "Available"

Click Available

  • In the Search bar, search Vectra AI then click "Configure"

The Vectra AI Tile
The Vectra AI alert source configuration (pt 1)

  • If you have a Cloud deployment, input the OAuth2 Client ID and Secret

The Vectra AI alert source configuration (pt 2)

  • If you have an On-premise deployment, input the Vectra AI Server, Port, and API Token

The Vectra AI alert source configuration (pt 3)

  • Input your desired poll interval and lookback

The Vectra AI alert source configuration (pt 4)

  • Click "Test & Save" to finish

If you have any errors or questions, engage your Dropzone AI support representative.

PreviousSumo LogicNextWiz

Last updated

Was this helpful?