19 Nov 2020

Vectra (Vectra AI), a globally renowned company in network threat detection and response (NDR) solutions, has announced broader and deeper cloud capabilities, to track and link accounts and data in hybrid environments.

Current security approaches lose visibility when environments expand to the Cloud, where users leverage multiple different accounts and may access resources from shadow IT devices.

Network threat detection and response (NDR)

Historically, users and hosts were on-premise and tightly controlled. Vectra’s enhanced capabilities mark the first and only NDR solution that can detect and stop threats across the entire network, tying together attacker activities and progression between the Cloud, hybrid, and on-premise networks.

The increasing number of remote workers, combined with the number of IoT devices accessing corporate and cloud networks, make both traditional network security solutions, including intrusion detection and end-point protection, blind to activity and data in cloud applications.

Rise in targeted credential-based attacks

Private and trusted networks cannot be protected by old network security, focused on malware signatures"

The rise of targeted credential-based attacks negates email security, multi-factor authentication (MFA), cloud access security brokers (CASBs), and other threat-prevention approaches, which are normally established to protect users because these malicious account-based attacks look like legitimate user actions.

Private and trusted networks cannot be protected by old network security, focused on malware signatures and anomaly detection alone. As workload shifts from clients, servers, and endpoints to the public cloud, this proliferation has created a network where user identity has become the new perimeter,” said Oliver Tavakoli, the Chief Technology Officer (CTO) at Vectra.

Securing network of hybrid on-premise and cloud connectivity

Oliver Tavakoli adds, “Vectra is uniquely positioned to protect this network of hybrid on-premise and cloud connectivity, with our learning behavioural models that stitch together hosts and on-premise, and cloud identities, to stop attacks earlier in the kill chain.

Vectra empowers security teams with continued analysis of how users are accessing, using and configuring cloud services, based on logs from SaaS, and account usage from Identity Providers (IdPs), including Microsoft Azure AD.

Vectra cloud and on-premise infrastructure solution

Vectra is the only solution that ties together all host and account interactions

Vectra is the only solution that ties together all host and account interactions, as they move between the Cloud and on-premise environments, in one consolidated view, to drastically reduce the overall risk of a breach.

This announcement comes on the heels of Vectra’s release of Cognito Detect for Office 365, earlier this year, the rapid adoption of which led to an accelerated effort to deepen and enhance this service.

Integration with SaaS applications

By seamlessly integrating with SaaS applications, such as Office 365, IaaS providers, IdPs and cloud virtualisation platforms, Vectra is giving visibility, into who and what is accessing data, regardless of how and where. Even before the rise of the COVID-19 pandemic, the Microsoft Q1 FY20 earnings call reported more than 200 million monthly Office 365 users. As of June, Teams reported 115 million daily active users, exceeding Zoom.

The sheer growth of individuals using the service increases the chance that cyber hygiene will fall by the wayside and knowledgeable attackers will exploit human behaviour, in order to gain high-privilege access to critical business data.