AI-driven Attack Signal Intelligence provides SOC teams a holistic view of their active posture and any active attacks across networks, identities, clouds and GenAI tools
SINGAPORE, Aug. 7, 2024 /PRNewswire/ -- Vectra AI, Inc., the leader in AI-driven XDR (extended detection and response), today announced the expansion of its Vectra AI Platform, which now equips security operations center (SOC) teams with active posture to proactively discover and pinpoint where their hybrid environment is exposed to attackers. With this expansion, Vectra AI Platform's patented Attack Signal Intelligence™ now provides a holistic view with analytics to discover, deter, detect, and disrupt hybrid attackers.
To keep pace with attackers, it is critical for SOC teams to know where the organization is exposed to hybrid attacker infiltration, progression, and lateral movement across the entire hybrid environment. Failure to stay on top of a dynamic, ever-changing hybrid attack surface enables attackers to progress their campaigns to remain unseen and unstopped.
"At Vectra AI we are constantly innovating to keep up with the evolving attack landscape and stay one step ahead of attackers," said Hitesh Sheth, founder and CEO of Vectra AI. "As the leader in AI-driven XDR, we believe that SOC teams must have a view of their active posture to understand their exposure to attackers. With that foundation, they must be armed with the right information to actively seek out and identify active attacks across their networks, identities, clouds and GenAI tools. The Vectra AI Platform is rooted in a methodology that integrates security research, data science/machine learning engineering and user experience focused on one mission: use AI to deliver accurate attack signal at speed and scale."
With the proactive defense of Vectra AI Attack Signal Intelligence, SOC teams receive a comprehensive view of their network, identity, cloud, and GenAI active posture. Active posture across the hybrid environment provides SOC teams a real-time view of how the attack surface they are tasked to defend is changing, that other tools relying on static information cannot. Armed with the active posture component of Attack Signal Intelligence, SOC teams proactively discover security gaps related to what users and machines are actually doing. This is accomplished by monitoring 20+ different AI-enhanced data streams and hundreds of different attributes that enable teams to stop a future threat. It finds gaps that other tools miss like:
- Identity hygiene issues such as account logins without two-factor authentication, use of legacy sign-in protocols, weak location-based access controls and overly permissive access to tools like the backend Microsoft Graph API or PowerShell. In a given week, 99% of organizations have more than one user accessing Azure AD through Powershell or some scripting engine, any of which can be hijacked by an attacker and abused.
- Network posture with visibility into network risks like external RDP access, IPMI usage, weak or non-encrypted data transfers, and SMB1 usage. More than one-third of organizations still have SMBv1 enabled, opening them to ransomware and other attacker vulnerabilities.
- Clarity on Copilot for M365 usage across the organization allows teams to understand adoption and use, enabling improved governance around data access controls and permissions, including potential attacker abuse. Vectra AI sees that over 40% of organizations have started adopting Copilot for M365 in their environment.
Sharat Nautiyal, Director of Security Engineering, Vectra AI, APJ, adds, "AI in cybersecurity is the future and businesses that don't look at AI as a critically important component of their defence against automated attacks will be vulnerable. Particularly, as adoption rates of Gen AI productivity tools like Copilot for M365 continue to accelerate. Advanced AI delivered in an integrated attack signal could stop today's most challenging hybrid cyberattacks. It also helps take the ambiguity out of security analysts' day and enable them to focus on what matters."
This latest expansion of the Vectra AI platform follows Vectra AI's May 2024 announcement, introducing capabilities to detect attacker abuse of GenAI tools like Microsoft Copilot for M365.
Learn more about how Vectra AI is setting the new standard for extended detection and response (XDR) by visiting our blog and following along on LinkedIn and X.