Download PDF version Contact company
Related Links

‍Vectra announced that Privileged Access Analytics (PAA) are available with the Cognito platform to monitor the interactions between user accounts, services, and hosts, and provide continuous visibility and assessment of privileges required to enforce zero trusts.

A traditional access-based approach to zero trusts relies on one-time security gating decisions that use a predefined list of privileged identities. This approach is fundamentally flawed when cyber attackers steal credentialed access or have escalated privileges.

We must have visibility into what the entity – the user, the executable, the device, the network connection and so on – is doing once it gains access,” according to Neil MacDonald, Gartner distinguished VP analyst and author of the Seven Imperatives to Adopt a CARTA Strategic Approach report. “How is it behaving? Does the entity or its behaviours represent an excessive risk? If so, then we should have the ability to detect this, confirm that it is real, prioritise it, and take action.”

Real-time assessment

With PAA, the Cognito platform continuously monitors the behaviours of user accounts, services, and hosts once they gain access to and operate on the network. As a result, Cognito delivers both a continuous real-time assessment of their privilege levels by scoring their behaviours for threat and certainty and a risk-level prioritisation for them. This empowers security teams with the right information to take quick action against the malicious use of privilege across cloud and hybrid environments.

Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time

The real-time assessment of trust is performed by continuously observing the behaviour of user accounts, services, and hosts on the network,” said Dr. Jacob Sendowski, director of product management at Vectra. “Now, when privileged credentials are compromised and abused, the new suite of Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time.”

Continuous visibility

Privileged Access Analytics gives me continuous visibility into the accounts, services, and hosts that are most valuable to me,” said Milos Pesic, cyber security specialist at ED&F Man Holdings Ltd., an employee-owned agricultural commodities merchant with 7,000 people in 60 countries.

We can easily scrutinise the behaviours on each to see if they represent a significant risk to our organisation. This has significantly decreased our time to investigate from minutes to seconds.”

PAA is immediately available in the Cognito platform as a suite of detection models in Cognito Detect and as searchable security enrichments to network metadata in Cognito Stream and Cognito Recall. Enforcement can be accomplished through native integrations with endpoint detection and response (EDR), security information and event management (SIEM) systems, and orchestration tools. Custom integration is available by accessing attributes through the Cognito REST API.

Download PDF version Download PDF version

Related videos

DNAKE S-series video door phone

DNAKE S-series video door phone
Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05

Install in minutes, no tech required: DNAKE intercom kit IPK04 & IPK05
Case study: Gunes Park Evleri̇, Turkey

Case study: Gunes Park Evleri̇, Turkey

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Featured white papers
Palm vein recognition

Palm vein recognition

Download
The key to unlocking K12 school safety grants

The key to unlocking K12 school safety grants

Download
Selecting the right network video recorder (NVR) for any vertical market

Selecting the right network video recorder (NVR) for any vertical market

Download
Physical access control

Physical access control

Download
Cybersecurity for enterprise: The essential guide to protecting your business

Cybersecurity for enterprise: The essential guide to protecting your business

Download
Quick poll
What is the most significant challenge facing smart building security today?
More product news
Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk

Crossword Cybersecurity’s Rizikon Assurance 2.0 solution empowers companies to take control of third-party risk
AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30

AlgoSec extends support for Cisco ACI SDN deployments with security management suite version A30
Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities

Videx introduces lift interface module in its VX2200 door entry system with enhanced functionalities
Featured products
Verkada Command Connector for Camera Integration & Cloud Management

Verkada Command Connector for Camera Integration & Cloud Management
Hikvision One-Stop SMB Solutions

Hikvision One-Stop SMB Solutions
Dahua X-spans Wizmind Network PTZ Camera

Dahua X-spans Wizmind Network PTZ Camera