Download PDF version Contact company
Related Links

‍Vectra announced that Privileged Access Analytics (PAA) are available with the Cognito platform to monitor the interactions between user accounts, services, and hosts, and provide continuous visibility and assessment of privileges required to enforce zero trusts.

A traditional access-based approach to zero trusts relies on one-time security gating decisions that use a predefined list of privileged identities. This approach is fundamentally flawed when cyber attackers steal credentialed access or have escalated privileges.

We must have visibility into what the entity – the user, the executable, the device, the network connection and so on – is doing once it gains access,” according to Neil MacDonald, Gartner distinguished VP analyst and author of the Seven Imperatives to Adopt a CARTA Strategic Approach report. “How is it behaving? Does the entity or its behaviours represent an excessive risk? If so, then we should have the ability to detect this, confirm that it is real, prioritise it, and take action.”

Real-time assessment

With PAA, the Cognito platform continuously monitors the behaviours of user accounts, services, and hosts once they gain access to and operate on the network. As a result, Cognito delivers both a continuous real-time assessment of their privilege levels by scoring their behaviours for threat and certainty and a risk-level prioritisation for them. This empowers security teams with the right information to take quick action against the malicious use of privilege across cloud and hybrid environments.

Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time

The real-time assessment of trust is performed by continuously observing the behaviour of user accounts, services, and hosts on the network,” said Dr. Jacob Sendowski, director of product management at Vectra. “Now, when privileged credentials are compromised and abused, the new suite of Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time.”

Continuous visibility

Privileged Access Analytics gives me continuous visibility into the accounts, services, and hosts that are most valuable to me,” said Milos Pesic, cyber security specialist at ED&F Man Holdings Ltd., an employee-owned agricultural commodities merchant with 7,000 people in 60 countries.

We can easily scrutinise the behaviours on each to see if they represent a significant risk to our organisation. This has significantly decreased our time to investigate from minutes to seconds.”

PAA is immediately available in the Cognito platform as a suite of detection models in Cognito Detect and as searchable security enrichments to network metadata in Cognito Stream and Cognito Recall. Enforcement can be accomplished through native integrations with endpoint detection and response (EDR), security information and event management (SIEM) systems, and orchestration tools. Custom integration is available by accessing attributes through the Cognito REST API.

Download PDF version Download PDF version

Related videos

Enhanced security with S617 video door station

Enhanced security with S617 video door station
Remote Guarding Video Series Part 1: Overview and Basics.

Remote Guarding Video Series Part 1: Overview and Basics.
Remote Guarding Video Series Part 2: System Design

Remote Guarding Video Series Part 2: System Design

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Featured white papers
The key to unlocking K12 school safety grants

The key to unlocking K12 school safety grants

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
5 surprising findings from OT vulnerability assessments

5 surprising findings from OT vulnerability assessments

Download
Palm vein recognition

Palm vein recognition

Download
Physical access control

Physical access control

Download
Quick poll
What is the most significant challenge facing smart building security today?
More product news
Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk

Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk
AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30

AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30
Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities

Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities
Featured products
Dahua 4MP WizColor Bullet Camera with Fixed-Focal and WizSense AI

Dahua 4MP WizColor Bullet Camera with Fixed-Focal and WizSense AI
Hikvision WonderHub: Interactive Displays for Collaboration

Hikvision WonderHub: Interactive Displays for Collaboration
Verkada GC31 Cellular Gateway for Seamless Device Connectivity

Verkada GC31 Cellular Gateway for Seamless Device Connectivity