Download PDF version Contact company
Related Links

‍Vectra announced that Privileged Access Analytics (PAA) are available with the Cognito platform to monitor the interactions between user accounts, services, and hosts, and provide continuous visibility and assessment of privileges required to enforce zero trusts.

A traditional access-based approach to zero trusts relies on one-time security gating decisions that use a predefined list of privileged identities. This approach is fundamentally flawed when cyber attackers steal credentialed access or have escalated privileges.

We must have visibility into what the entity – the user, the executable, the device, the network connection and so on – is doing once it gains access,” according to Neil MacDonald, Gartner distinguished VP analyst and author of the Seven Imperatives to Adopt a CARTA Strategic Approach report. “How is it behaving? Does the entity or its behaviours represent an excessive risk? If so, then we should have the ability to detect this, confirm that it is real, prioritise it, and take action.”

Real-time assessment

With PAA, the Cognito platform continuously monitors the behaviours of user accounts, services, and hosts once they gain access to and operate on the network. As a result, Cognito delivers both a continuous real-time assessment of their privilege levels by scoring their behaviours for threat and certainty and a risk-level prioritisation for them. This empowers security teams with the right information to take quick action against the malicious use of privilege across cloud and hybrid environments.

Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time

The real-time assessment of trust is performed by continuously observing the behaviour of user accounts, services, and hosts on the network,” said Dr. Jacob Sendowski, director of product management at Vectra. “Now, when privileged credentials are compromised and abused, the new suite of Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time.”

Continuous visibility

Privileged Access Analytics gives me continuous visibility into the accounts, services, and hosts that are most valuable to me,” said Milos Pesic, cyber security specialist at ED&F Man Holdings Ltd., an employee-owned agricultural commodities merchant with 7,000 people in 60 countries.

We can easily scrutinise the behaviours on each to see if they represent a significant risk to our organisation. This has significantly decreased our time to investigate from minutes to seconds.”

PAA is immediately available in the Cognito platform as a suite of detection models in Cognito Detect and as searchable security enrichments to network metadata in Cognito Stream and Cognito Recall. Enforcement can be accomplished through native integrations with endpoint detection and response (EDR), security information and event management (SIEM) systems, and orchestration tools. Custom integration is available by accessing attributes through the Cognito REST API.

Download PDF version Download PDF version

Related videos

Upgraded feature for Xesar - Now with smartphone as well!

Upgraded feature for Xesar - Now with smartphone as well!
Enhancing government security with proactive threat detection from Wavestore

Enhancing government security with proactive threat detection from Wavestore
Join the biggest hour for Earth

Join the biggest hour for Earth

In case you missed it

How can organisations integrate physical security with other systems, such as IT and HR?
How can organisations integrate physical security with other systems, such as IT and HR?

By linking human resource (HR) systems to physical security, access control systems can automatically update permissions based on employee changes, such as promotions, terminations...

How are wearable technologies impacting the security market?
How are wearable technologies impacting the security market?

The most common wearable device deployed by security professionals is the body-worn camera. Traditionally used by law enforcement professionals, these devices are finding more and...

Dahua AI perimeter protection for SMBs
Dahua AI perimeter protection for SMBs

The perimeter of a small and medium-sized business (SMB) property is its first line of defence against intruders. It keeps the premises away from theft, property loss and security...

Featured white papers
The security challenges of data centers

The security challenges of data centers

Download
Security practices for hotels

Security practices for hotels

Download
Access control system planning phase 2

Access control system planning phase 2

Download
SIA Identity and Biometrics Symposium

SIA Identity and Biometrics Symposium

Download
Facial recognition

Facial recognition

Download
More product news
Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk

Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk
AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30

AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30
Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities

Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities
Featured products
ASSA ABLOY Aperio P100 Padlock

ASSA ABLOY Aperio P100 Padlock
Climax Technology TouchPanel-3

Climax Technology TouchPanel-3
Hikvision 8MP Network Speed Dome Camera

Hikvision 8MP Network Speed Dome Camera