Vectra AI - Experts & Thought Leaders
Latest Vectra AI news & announcements
Vectra AI announced the availability of Vectra Detect in the Microsoft Azure Marketplace, an online store providing applications and services for use on Microsoft Azure. Vectra customers can take advantage of the scalability, high availability, and security of Azure, with streamlined deployment and management.
AI-driven threat detection and response
Vectra creates security-derived, AI-driven threat detection and response that delivers key Zero Trust capabilities for Microsoft 365 and Microsoft Azure customers. A member of the Microsoft Intelligent Security Association (MISA), Vectra created and integrated custom workbooks in Azure Sentinel to streamline incident response across the platform’s ecosystem of tools and enable security analysts and SOC teams to prioritise their investigation and remediation efforts more efficiently. Vectra also partners with Microsoft on its Zero Trust security framework.
Built-in web interface
The Vectra Detect built-in web interface enables security analysts to efficiently prioritise their investigations starting with the most critical, provides an overview of all accounts and hosts exhibiting suspicious behaviour, identifies campaigns involving multiple hosts, and breaks down individual detections for further investigation.
Vectra Detect Workbooks for Azure Sentinel offer customers a range of benefits including:
- Automated incidents in Azure Sentinel based on configurable threat and certainty score thresholds from Vectra
- Forensic analysis on incidents to identify and pinpoint the devices, accounts, and attackers involved in any given situation
- Vectra detections direct to enterprise Azure Sentinel workbooks for the immediate attention of SOC teams
Azure Sentinel
“In enterprise situations, where there is often an ecosystem of tools in use at once, Azure Sentinel is uniquely enabled to provide one single interface for multiple tools,” said Randy Schirman, VP of Service Delivery at Vectra AI. “To further enhance the incident response capabilities of Azure Sentinel, Vectra has created custom connectors and workbooks that can be deployed within the platform to provide high-fidelity alerts with context detailed to accelerate time to detect and time to respond.”
Microsoft Azure Marketplace
“Microsoft Azure Marketplace lets customers worldwide discover, try, and deploy software solutions that are certified and optimised to run on Azure,” said Jake Zborowski, General Manager, Microsoft Azure Platform at Microsoft Corp. “Azure Marketplace helps solutions like Vectra Detect reach more customers and markets.”
Vectra AI, a pioneer in threat detection and response, released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from an organisation of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organisations.
Findings of the survey
As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organisations who are regularly deploying new workloads, leveraging deployments in multiple regions, and are relying on more than one AWS service. The survey found:
- 64% of DevOps respondents are deploying new workload services weekly or even more frequently
- 78% of organisations are running AWS across multiple regions (40% in at least three)
- 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
Blind spots
The expansion of AWS services has naturally led to increased complexity and risk, with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:
- 30% of organisations surveyed have no formal sign-off before pushing to production
- 40% of respondents say they do not have a DevSecOps workflow
- 71% of organisations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers
Despite these blind spots, the survey showed that companies are taking security seriously.
Over half of the companies reported having double-digit security operations centre (SOC) headcounts, showing significant investment in keeping their organisations secure.
Cloud security
“Securing the cloud with confidence is nearly impossible due to its ever-changing nature,” said Matt Pieklik, Senior Consulting Analyst at Vectra. “To address this, companies need to limit the number of attack vectors malicious actors can take. This means creating formal sign-off processes, creating DevSecOps workflows, and limiting the number of people that have access to their entire infrastructure as much as possible.”
“Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness.”
Vectra has answered this industry need through the creation of Detect for AWS which reduces the risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.
Vectra AI, a globally renowned company in threat detection and response, has announced that the Vectra Cognito platform delivers key Zero Trust capabilities for Microsoft 365 and Microsoft Azure customers.
Vectra AI
Vectra AI is uniquely positioned as an integral part of the model, which assumes breaches by investigating the behaviour of users, workloads, networks, and devices as though they originate from an untrusted network by leveraging its analytics and understanding of users and accounts, tracking them between on-premise and the Cloud. Since cloud applications and a mobile workforce have redefined the security perimeter, and corporate resources and services now often bypass on-premises, perimeter-based security models that rely on network firewalls and VPNs have become obsolete.
Zero Trust Maturity Model
To address this, Microsoft Corporation developed the Zero Trust Maturity Model, to adapt to the complexities of modern environments effectively. With the integration of the Vectra Cognito platform, customers will have access to AI-powered threat detection, to monitor and verify the communications to their business-critical applications.
“The Vectra Cognito platform was developed on the idea that standard, static security measures, like firewalls, NAC, and VPNs, were not enough to protect the modern enterprise,” said Randy Schirman, Vectra AI’s Vice President (VP) of Partnerships, adding “With the hybrid remote work model effectively rendering traditional security measures obsolete, we are completely aligned with the Microsoft Zero Trust Model approach.”
Vectra Cognito Platform with AI
The Vectra Cognito Platform uses AI (Artificial Intelligence) to efficiently find and prioritise hidden attacks in real time, inside Microsoft 365, Azure Active Directory (AD), the Cloud, data centre, IoT, and enterprise networks, before attackers cause irreparable harm to the organisation. The platform allows security teams to prevent attacks earlier in the kill chain, ensuring that applications essential to business continuity are available and accessible for the entire extended workforce. Vectra will help deliver visibility and analytics on the Zero Trust framework’s three guiding principles:
- Verify explicitly - Always authenticate and authorise based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies.
- Use least privileged access - Limit user access with Just-in-Time and Just-Enough (JIT/JEA), risk-based adaptive policies, and data protection to protect both data and productivity.
- Assume breach - Minimise blast radius for breaches and prevent lateral movement, by segmenting access by network, user, devices, and application awareness. Verify all sessions are encrypted end-to-end. Use analytics to get visibility, drive threat detection and improve defences.
Enhanced threat detection and response
“Threat detection and response that accurately detects network anomalies and account takeover, by monitoring user and machine behaviour, is a core capability for Zero Trust,” said Desmond Forbes, the Senior Director of Business Development at Microsoft. Desmond Forbes adds, “Vectra provides customers with visibility into their hybrid cloud environments, the accounts use, and integrates that information with Microsoft Defender for Endpoint and Azure Sentinel, to meet our joint customers’ Zero Trust objectives.”