How Vectra AI cut 90% of container vulnerabilities with echo

Meet Vectra AI

Vectra AI is a leading cybersecurity company protecting modern networks from modern attackers. With thousands of customers across industries like healthcare, education, and government, Vectra combines AI and machine learning to detect and stop attacks in real time.

The company operates in highly complex hybrid environments, where traditional on-premise networks intertwine with cloud infrastructure, identity providers, and SaaS systems. This interconnectedness creates vast attack surfaces and a critical need for consistent, proactive defense.

The vulnerability challenge

Roughly 90% of Vectra’s cloud environment is built on containers. And while this enables scalability and rapid deployment, it also introduces a serious challenge because open source container images are inherently vulnerable. “We have engineers that spin up these containers, and 60 to 70% have vulnerabilities,” said Chris. “Most of them aren’t exploitable, but our teams still have to chase them down.”

And to complicate matters further, each security tool tends to tell a different story. Scanners like Trivy, Grype, and others surfaced overlapping and somewhat conflicting findings, leaving engineers with the constant need to dedupe and verify what’s actually real. “We scan our containers early in the pipeline, and every tool gives us a different list of priorities,” Chris explained. “We then have to figure out how it impacts the app, who owns the code, and how to make the change without hurting production.”

That entire process consumes significant portions of engineering time and triggers friction with security teams. “Nobody likes squashing vulnerabilities full time,” Chris explained. “Our engineers want to build, not chase false positives.”

The echo solution

Chris first discovered echo at an industry event, immediately recognizing the solution. “Within five minutes of talking with folks at echo, I knew this is exactly what we needed.”

Vectra’s decision to adopt echo was also driven by compliance needs. The company is TX-RAMP compliant and preparing for FedRAMP, requiring strict quarterly reporting on vulnerabilities. “With echo, we not only get vulnerability-free images, but they’re also FIPS-compliant and hardened.”

Implementation has been extremely smooth, requiring very little effort across Vectra teams. “It’s an off-the-shelf solution. Minimal integration,” said Chris. “echo provides a store of hardened images – we pick, sync, and deploy. The team has been fantastic.” Developers quickly noticed the difference: clean, compliant images that worked just like their existing ones.

Real results and impact

Engineers who had once spent hours verifying scanner noise are now focusing on building and improving core products. “It’s literally a flip in version or name,” Said Chris. “And we see 90% fewer vulnerabilities immediately.”

The time saved extends beyond engineering. With echo’s FIPS-compliant, vulnerability-free base images, Vectra has simplified compliance reporting and reduced the burden of quarterly audits. The company is now planning to extend echo’s coverage beyond production into internal and non-production environments to further reduce exposure.

“It’s a relatively inexpensive solution, especially because of the high payoff,” Chris noted. “We see the value of rolling this out everywhere – not just for compliance, but to reduce risk and accelerate delivery.”

Takeaways

echo has given Vectra clarity and confidence. “If you’re containerized, it’s a win-win,” Chris said. “It doesn’t make sense to spend your time squashing vulnerabilities when companies like echo have solved it off the shelf. With a low investment and minimal lift, you can eliminate 90% of vulnerabilities up front.”

The change has already freed Vectra’s engineers to focus on what they do best — designing, coding, and innovating for their customers. “Echo is a great example of AI being used to solve a real, meaningful problem,” Chris added. “It’s where I hope the entire industry is headed.”