Vectra AI, a pioneer in network detection and response (NDR) announced enhanced cloud identity detection capabilities using Azure AD within its Cognito Detect for Office 365.
By integrating at the identity layer, Vectra gives complete cloud-to-ground security coverage over an organisation’s entire SaaS ecosystem. This single configuration effectively puts an end to lateral movement between ground and cloud.
Cognito Detect for Office 365
In the rapidly adopted remote work environment, data is stored and distributed across countless cloud applications. For many organisations, Azure AD holds the keys to the kingdom because it is leveraged for federated authentication to their SaaS applications.
Cognito Detect for Office 365 fills the security gap by drastically reducing the consequences of a supply chain breach
The adoption of Azure AD reached 425 million active users by the end of 2020 and last month Microsoft reported a 50 percent increase in Azure sales in its second fiscal quarter of 2021. This means that compromising a single Azure AD account can give an attacker access to a vast trove of data housed across multiple SaaS applications.
With the Vectra extended support for Azure AD, Cognito Detect for Office 365 fills an unanswered security gap by drastically reducing the consequences of a large-scale supply chain breach while offering a simple and comprehensive way to secure users’ cloud identities.
Using preventive controls
“Organisations must be able to see and stop attacks that have circumvented preventative controls, including multi-factor authentication (MFA), to gain access to their network and data. This starts with monitoring account usage for attack behaviour and intent,” said John Mancini, Sr. Product Manager.
“By using artificial intelligence to analyse how accounts are being used, we find attack behaviors in Azure AD to detect and stop account takeovers before an attack can compromise SaaS applications."
NDR solution
Vectra integrates directly with Azure AD, giving full coverage of all federated SaaS applications
Vectra is the first NDR solution to offer universal control over data and identities to meet growing privacy and compliance concerns. Other security solutions require configuration on a per-app basis for security coverage, which is too cumbersome and time-consuming to benefit organisations in the long run or the throes of a breach.
Vectra integrates directly with Azure AD, giving full coverage of all federated SaaS applications. This ultimately reduces costs by storing curated network metadata and covers gaps in an organization’s security posture through proactive investigation and threat hunting.
Public cloud services
The adoption of public cloud services has skyrocketed within the past year, with Canalys reporting that the worldwide cloud market grew by 33 percent in Q3 2020 alone. This rapid cloud migration has led to a massive gap in visibility where traditional security solutions are unable to see what happens in the cloud.
To combat this, Vectra offers patented, industry-leading behavioural detections for cloud identity to secure SaaS applications from account takeovers and malicious insider attacks.