Vectra, a network threat detection and response (NDR) specialist, has announced broader and deeper cloud capabilities to track and link accounts and data in hybrid environments
Current security approaches lose visibility when environments expand to the cloud, where users can leverage multiple different accounts and access resources from shadow IT devices. Historically, users and hosts were on-site and tightly controlled. Vectra’s NDR solution can detect and stop threats across the entire network, linking attacker activities and progress between cloud, hybrid, and on-site networks.
Increasing numbers of remote workers, combined with the number of IoT devices that access corporate and cloud networks, make both traditional network security solutions, including intrusion detection and endpoint protection, blind to activity and data in cloud applications.
The rise of targeted credential-based attacks negates email security, multi-factor authentication (MFA), cloud access security brokers (CASBs) and other threat-prevention approaches normally established to protect users because these malicious account-based attacks look like legitimate user actions.
“Private and trusted networks cannot be protected by old network security focused on malware signatures and anomaly detection alone. As workload shifts from clients, servers, and endpoints to the public cloud, this proliferation has created a network where user identity has become the new perimeter,” said Oliver Tavakoli, chief technology officer at Vectra. “Vectra is uniquely positioned to protect this network of hybrid on-premise and cloud connectivity with our learning behavioural models that stitch together hosts and on-premise and cloud identities to stop attacks earlier in the kill chain.”
Vectra empowers security teams to continue analysing how users access, use and configure SaaS log-based cloud services, and Identity Providers (IdPs) account usage, such as Microsoft Azure AD.
This announcement comes on the heels of Vectra’s release of Cognito Detect for Office 365 earlier this year, the rapid adoption of which led to an accelerated effort to deepen and enhance this service. By seamlessly integrating with SaaS applications like Office 365, IaaS providers, IdPs and cloud virtualisation platforms, Vectra gives visibility into who and what is accessing data, regardless of how and where.