AI-driven Attack Signal Intelligence provides SOC teams a holistic view of their active posture and any active attacks across networks, identities, clouds and GenAI tools
Vectra AI, Inc., the leader in AI-driven XDR (extended detection and response), announced the expansion of its Vectra AI Platform, which now equips security operations center (SOC) teams with active posture to proactively discover and pinpoint where their hybrid environment is exposed to attackers. With this expansion, Vectra AI Platform’s patented Attack Signal Intelligence™ now provides a holistic view with analytics to discover, deter, detect, and disrupt hybrid attackers.
To keep pace with attackers, it is critical for SOC teams to know where the organization is exposed to hybrid attacker infiltration, progression, and lateral movement across the entire hybrid environment. Failure to stay on top of a dynamic, ever-changing hybrid attack surface enables attackers to progress their campaigns to remain unseen and unstopped.
“At Vectra AI we are constantly innovating to keep up with the evolving attack landscape and stay one step ahead of attackers,” said Hitesh Sheth, founder and CEO of Vectra AI. “As the leader in AI-driven XDR, we believe that SOC teams must have a view of their active posture to understand their exposure to attackers. With that foundation, they must be armed with the right information to actively seek out and identify active attacks across their networks, identities, clouds and GenAI tools. The Vectra AI Platform is rooted in a methodology that integrates security research, data science/machine learning engineering and user experience focused on one mission: use AI to deliver accurate attack signal at speed and scale.”
Also Read: Swimlane AI Cybersecurity Boosted by Advanced AI Algorithms
With the proactive defense of Vectra AI Attack Signal Intelligence, SOC teams receive a comprehensive view of their network, identity, cloud, and GenAI active posture. Active posture across the hybrid environment provides SOC teams a real-time view of how the attack surface they are tasked to defend is changing, that other tools relying on static information cannot. Armed with the active posture component of Attack Signal Intelligence, SOC teams proactively discover security gaps related to what users and machines are actually doing. This is accomplished by monitoring 20+ different AI-enhanced data streams and hundreds of different attributes that enable teams to stop a future threat. It finds gaps that other tools miss like:
- Identity hygiene issues such as account logins without two-factor authentication, use of legacy sign-in protocols, weak location-based access controls and overly permissive access to tools like the backend Microsoft Graph API or PowerShell. In a given week, 99% of organizations have more than one user accessing Azure AD through Powershell or some scripting engine, any of which can be hijacked by an attacker and abused.
- Network posture with visibility into network risks like external RDP access, IPMI usage, weak or non-encrypted data transfers, and SMB1 usage. More than one-third of organizations still have SMBv1 enabled, opening them to ransomware and other attacker vulnerabilities.
- Clarity on Copilot for M365 usage across the organization allows teams to understand adoption and use, enabling improved governance around data access controls and permissions, including potential attacker abuse. Vectra AI sees that over 40% of organizations have started adopting Copilot for M365 in their environment.
“Vectra AI’s XDR platform with Attack Signal Intelligence equips the SOC with a complete view of their hybrid environment – not just to determine if their network, identity, or cloud has already been compromised – but if something is operating in a way that may lead to a future compromise,” said Jeff Reed, chief product officer of Vectra AI. “Customers who are already using the Vectra AI Platform can now effectively discover, deter, detect, and disrupt hybrid attackers, proactively addressing the full cycle of a potential breach, and utilize these capabilities free of charge.”
Source: PRNewswire
