Sep 6, 2017 SOURCE: PR NewsWire

Vectra Introduces Attack Campaign Detection and Prediction, and Enhances Solution for Data Center and Cloud

SAN JOSE, Calif., Sept. 6, 2017 /PRNewswire/ -- Vectra, the leader in automating the hunt for in-progress cyberattacks, is advancing automated threat hunting with the introduction of Attack Campaigns. The Vectra Cognito platform now further automates threat hunting by exposing the relationships between threat detections on separate workloads and devices to understand the activity and scope of attack campaigns. Growing demand to automate threat hunting and the company's recent advances spurred a 208% increase in 2Q2017 revenue compared to the same quarter last year.

"Recent ESG research reveals that 45 percent of organizations say they have a problematic shortage of cybersecurity skills while 54 percent of survey respondents believe their cybersecurity analytics and operations skill levels are inappropriate," said Jon Oltsik, senior principal analyst at ESG. "Large organizations with cybersecurity operations staffs that are particularly weak at threat hunting as well as assessing and prioritizing security alerts are embracing machine learning technologies, such as Vectra Cognito, that can help them detect and respond to cyberattacks in real time."

According to Vectra research of attacker behaviors in nearly 200 enterprise organizations, there are 841 security events per quarter for every 1,000 workloads or devices in a network, but only events on five workloads or devices represent either a critical or high severity risk. Attacker behaviors triggering these events are frequently part of the same attack campaign. Previously, security analysts had to manually find the relationship between the detected behaviors, making it nearly impossible to respond in real time.

As an attacker controls devices remotely, performs reconnaissance and moves laterally in a network, Vectra Cognito presents a synthesized view of the entire attack campaign by connecting the dots of related attacker behavior detections across all involved hosts. Organizations using Vectra Cognito can also zoom in or pan the view of hosts or related campaign detections to analyze the campaign history and better understand the lifetime of the attack. By identifying connections across multiple machines which are part of a single attack campaign, an entire attack can be stopped at the earliest signs of detection.

"Alert fatigue is overwhelming security analysts' time and organizations' security budgets. Manually investigating individual steps of advanced attacks is one reason why security services continue to be the fastest growing segment of the $86.4 billion security market in 2017," said Kevin Kennedy, vice president product management at Vectra. "With AI correlating attacker behaviors across time and revealing the resulting campaign narrative, security analysts can instead focus on the critical role of confirming the key detections underpinning the campaign and stopping attacks before data is stolen."

Vectra Cognito Enhancements for Data Center and Cloud

Vectra developed the first purpose-built solution to detect advanced attackers and cyberattacks in cloud data centers. Vectra Cognito natively integrates with the virtualization platform and introduces detection models that are exclusively designed to deliver real-time visibility into the behavior of attackers in cloud data centers. New attacker behaviors detected now include:

Advanced Remote Desktop Protocol (RDP) analysis - RDP provides a user with a graphical interface to connect to another computer over a network connection. This protocol is often abused by attackers as it allows them to remotely drive a system as if they were on it, simply by stealing a credential. RDP servers are also commonly used as "jump hosts" that can enable attackers to infiltrate the data center while disguised as normal administrators. Cognito now includes multiple detection algorithms that learn details about how RDP is used within an environment and identify changes in the system initiating the connection that indicate the session is attacker-contolled, as well as attempts to find and compromise RDP servers.

SMB Account Scan - Smart attackers often target local accounts - which do not require authentication against Active Directory (AD) - because they are stealthy and allow them to stay beneath the radar of UBA and SIEM tools that analyze AD logs. This new detection algorithm enables Vectra Cognito to discover attackers performing internal reconnaissance using the SMB protocol to locally authenticate to a server to determine the list of available accounts on that server.

Vectra Extends Cloud Coverage with AWS vSensor

A new vSensor for AWS extends these new attacker behavior detections for cloud workloads running in Amazon Web Services, providing Vectra customers with attack campaign visibility across cloud and data center workloads in addition to user and IoT devices, leaving attackers with nowhere to hide.

About Vectra
Vectra(®) is transforming cybersecurity with AI. Its Cognito platform automates cyberattack detection and response from data center and cloud workloads to user and IoT devices. Cognito correlates threats, prioritizes hosts based on risk and provides rich context to empower response with existing security systems, reducing security operations workload by 168x. Vectra was named "Most Innovative Emerging Company" in the Dark Reading Best of Black Hat Awards. InformationWeek also named Vectra one of the Top 125 companies to watch in 2016. Vectra has been issued 5 U.S. patents with 14 additional patents pending for cybersecurity applications of machine learning and artificial intelligence. Vectra investors include Khosla Ventures, Accel Partners, IA Ventures, AME Cloud Ventures and DAG Ventures. The company is headquartered in San Jose, Calif. and has European regional headquarters in Zurich, Switzerland. For more information, visit https://vectra.ai

Vectra, the Vectra Networks logo and 'Security that thinks' are registered trademarks, and Cognito, the Vectra Threat Labs and the Threat Certainty Index are trademarks of Vectra Networks. Other brand, product and service names are trademarks, registered trademarks or service marks of their respective holders.

Media Contacts:

LEWIS Global Communications, PR for Vectra
press@vectra.ai
(781) 418-2400

View original content with multimedia:http://www.prnewswire.com/news-releases/vectra-introduces-attack-campaign-detection-and-prediction-and-enhances-solution-for-data-center-and-cloud-300514092.html

SOURCE Vectra Networks

Related News

Vectra research identifies new exploitable attack surface within cloud services and remote healthcare

Vectra security research identifies how cyberattackers use Microsoft Office 365 tools against organizations to steal data

Vectra integrates network threat detection and response for Microsoft Security Services

Vectra expands global footprint through enriched channel partner program, training and growth into commercial market

Cloud Security Alliance’s Top Threats to Cloud Computing: Pandemic 11 Report Finds Traditional Cloud Security Issues Becoming Less Concerning

Vectra expands intelligent cyberattack detection and response capabilities with CrowdStrike

Nearly 70% of Financial Services Companies Globally Have Experienced a Cyberattack

iboss Receives 2020 Cloud Computing Security Excellence Award

View all News

Related Procurements

Deadline: Dec 31, 2069

59--CIRCUIT CARD ASSEMB

Totcal cancellation no FY20 funding

Deadline: Oct 1, 2024

Microelectronics Innovation for Next-generation System Advancement and Validation (MINSAV) Advanced Research Announcement (ARA) with Calls

This is to post questions and answers and OSD Briefing from Industry Day.

Deadline: Oct 31, 2024

Air Superiority Technology Broad Agency Annoucement

This Broad Agency Announcement (BAA) is for the Air Force Research Laboratory Munitions directorate (AFRL/RW) in support of Air Superiority Technolgoy. Operations Security (OPSEC): General OPSEC procedures,...

View all Procurementsp

Agenda

June

FranceParc des Expositions de Paris Nord Villepinte ZAC Paris Nord 2, 93420 Villepinte – France (Halls 5a – 5b – 6)

Eurosatory 2024, 17 - 21 June 2024, Parc des Expositions de Paris Nord Villepinte ZAC Paris Nord 2, 93420 Villepinte – France (Halls 5a – 5b – 6)

Eurosatory 2024 There can be no sustainable world without peace and security. Founded in 1967, the exhibition...

May

Paris Marriott Rive Gauche & Conference Center

Future Artillery, 21-23 May 2024, Paris Marriott Rive Gauche & Conference Center, France

DELIVERING FIRES IN THE MULTI-DOMAIN BATTLESPACE As artillery reasserts itself as the ‘King of Battlefield’ in the wake...

May

United Arab EmiratesADNEC (Abu Dhabi National Exhibition Centre), Abu Dhabi, Al Khaleej Al Arabi St - Al Rawdah - Al Ma'arid - Abu Dhabi, UAE

ISNR Abu Dhabi 2024, 21-23 May 2024, ADNEC (Abu Dhabi National Exhibition Centre), Abu Dhabi, Al Khaleej Al Arabi St - Al Rawdah - Al Ma'arid - Abu Dhabi, UAE

ISNR ACCELERATING TRANSFORMATION IN THE NATIONAL SECURITY ECOSYSTEM ISNR Abu Dhabi is the region’s most trusted...

View All Events

Related Companies

GE AVIATION

Aecom

Fluor

View All Companies