Vectra Identity Threat Detection and Response (ITDR) Description

Date: 2026-01-01

Vectra Identity Threat Detection and Response (ITDR) is a security solution that monitors and detects identity-based attacks across hybrid environments. The platform uses AI-based threat detection to identify compromised identities and attacker behaviors across Active Directory, Microsoft Entra ID (formerly Azure AD), and cloud environments. The solution provides coverage for both human and service accounts, including automated monitoring of service account activity to detect abuse.

It correlates identity threat signals with network and cloud activity to identify attackers using stolen credentials or compromised identities. The platform detects various attack techniques, including Kerberoasting, DCSync, rogue LDAP queries, and phishing-driven compromises. It monitors identity infrastructure and provides detection capabilities for ransomware attacks that leverage identity compromise. The solution aims to reduce false positives by correlating attacker actions across multiple data sources rather than relying solely on anomaly detection.

Vectra ITDR includes coverage for Microsoft 365 applications and AWS environments, extending identity threat detection to cloud workloads. The platform provides investigation capabilities and supports automated or customized response actions. It is designed to integrate with managed detection and response (MDR) services and includes coverage aligned with the MITRE ATT&CK and MITRE D3FEND frameworks.