Vectra AI Cloud Coverage provides threat detection and response capabilities across multi-cloud and SaaS environments. The platform monitors AWS, Microsoft Azure, Microsoft 365, and Microsoft Copilot for M365 to identify attacker behaviors in near-real time. The solution uses behavior-based analytics trained on real-world attack data and MITRE ATT&CK frameworks to detect techniques including credential abuse, privilege escalation, lateral movement, and living-off-the-land attacks. It monitors both human and non-human identities across cloud environments. For AWS, the platform detects attacks targeting control planes and resources such as S3, EC2, and Lambda functions. Azure coverage includes visibility into policies and app services. M365 detection spans Teams, Exchange, OneDrive, eDiscovery, Power Automate, and SharePoint. The platform also monitors Microsoft Copilot for M365 to identify when attackers use generative AI to accelerate data discovery. The platform uses patented graph-based AI algorithms to establish baselines of normal privilege usage by monitoring interactions between accounts, services, and hosts. It attributes detections to human or machine account names rather than alphanumeric identifiers. Deployment is agentless and scales with cloud migrations and SaaS adoption. The platform covers over 90% of relevant MITRE ATT&CK techniques with more than 100 specialized detections for Microsoft environments and over 40 for AWS.