Feb 2025 Release Notes (RUX)

The Respond UX February release (2025.02) includes:

Provide Support for Authentication via OAuth

Vectra supports both the existing Personal Access Token (PAT) and Oauth2 flow in v2.x. The Oauth2 access token will be valid for 6 hours after which it will expire, and a new token will need to be requested using the API client credentials. API client creation must be done in the Vectra UI only. Accessing v2.x APIs older than v2.5 works the same way it does for v2.5. The public postman collection has been updated for all v2.x versions.

M365 GCC Support

Vectra now supports Microsoft 365 Government Community Cloud (GCC) environments. While support previously existed for GCC-High and Azure AD customers, this update extends coverage to customers operating in GCC environments—commonly used by U.S. state, local, and federal agencies. By integrating with Microsoft’s GCC-specific endpoints, Vectra AI ensures secure and compliant log aggregation to provide complete visibility and threat detection across all Microsoft government cloud tiers.

Cybereason EDR Support

Vectra added support for ingesting EDR alerts from Cybereason. Customers using Cybereason can now configure their integration within Cantina to enable alert ingestion and visibility.

Altering Group Type

Starting in 9.1, Vectra supports conversion between static and dynamic group types for QUX deployments. Existing triage filters that reference a static group, will continue to function without requiring any change after the group is redefined using a regex in the dynamic group configuration. This should allow for greater flexibility and ease of implementation as customers move to dynamic groups. For more information on dynamic groups see the Dynamic Groups FAQ.