Microsoft partners with Vectra to deliver Zero Trust security framework to provide analytics and mitigate threats emerging from distributed and hybrid-remote workforces.

Learn why a successful implementation of a Zero Trust Architecture requires a modern network detection and response solution that can collect metadata about encrypted traffic—without relying on the overhead of agents.

Discover step-by-step how Vectra identified early indicators of a ransomware attack and prevented the encryption of network file share in this blog.

National Institute for Standards and Technology (NIST) publication for the Zero Trust Architecture (NIST SP 800-207) relies heavily on continuous and accurate monitoring. Find out why network detection and response (NDR) is a required component.

Learn more about how Vectra’s new Detect Lockdown feature, made possible by integrating with CrowdStrike Falcon Insight Endpoint Detection and Response (EDR), enables you to automatically thwart cyberattackers on the device level.

The ultimate goal of most insider attacks is to steal data. Just one insider threat incident can cost your organization up to $3 million. Learn when disclosure is protected and how to stay ahead of malicious attacks in this blog.

Discover in this blog why many organizations are struggling with the burden of maintaining IDPS deployments and how security teams can instead concentrate on detecting and mitigating active threats inside the network with network detection and response.

Learn how IDPS is ill-equipped to detect what is known as lateral movement, east-west traffic, or simply attackers moving around inside your deployments due to reliance on signatures and being deployed at the network perimeter.

なぜIDPSがラテラルムーブの動きや東西のトラフィックなど、内部を動き回る攻撃者を検知する能力に欠けているかについて説明いたします。

Consider getting rid of IDPS and the noise it creates and check out detecting and stopping cyberattacks using NDR. Free-up your security analysts to focus on investigations and threat-hunting instead of tweaking signatures.

IDPSから、NDRへ置き換えるタイミングがきているのではないでしょうか。セキュリティアナリストが、シグネチャーの微調整作業に時間を費やす代わりに本当に必要な調査や脅威のハンティングに時間を使えるようにします。

サイバー攻撃が侵入拡大を図る過程では、多くの重要情報を入手できる特権アクセスが大きな鍵となります。

Privileged access is a key part of lateral movement in cyberattacks because privileged accounts have the widest range of access to critical information, making them the most valuable assets for attackers. The recent Twitter Hack compromising several high-profile accounts becomes another stark example.

MFA is a great step to take, but there are always ways around preventive controls. One of the well-known MFA bypass techniques is the installation of malicious Azure/O365 OAuth apps. Learn why you need to implement detection-based solutions.

多要素認証（MFA）はセキュリティ対策の一つですが、悪意のあるAzure/O365 OAuthアプリのインストールなどの迂回する方法があります。

Vectra announces a partnership and deep product integration with Microsoft Defender for Endpoint (EDR) and Microsoft Azure Sentinel (SIEM) to further our extensive partner ecosystem and allow our customers to leverage the tools they already are using.

Vectra AI社は、パートナーシップを結び、Microsoft Defender ATP (EDR) および Microsoft Azure Sentinel (SIEM) と深いレベルでの製品連携を行うことを発表しました。

Modern SOCs today are looking for tools that can give them complete visibility into user endpoints, multi-cloud, hybrid, and on-prem networks, as well as correlation and forensic capabilities. In this search, the SOC visibility triad has emerged as the de-facto standard.

PAA enables SOC teams to monitor and defend against these types of attacks. In addition to our extensive models that detect command-and-control channels, this make the Cognito platform a powerful tool to combat evolving malware attacks against enterprises.

NISTは、その目的について「どんな企業もサイバーセキュリティリスクを完全に排除することはできません。ZTAを既存のサイバーセキュリティポリシーやガイダンス、ID管理やアクセス管理、継続的な監視、さらに全般的なサイバー・ハイジーンによって補完することで、全般的なリスクを軽減し、一般的な脅威から自社を保護できるようになります」としています。

According to NIST, “No enterprise can completely eliminate cybersecurity risk. When complemented with existing cybersecurity policies and guidance, identity and access management, continuous monitoring, and general cyber hygiene, ZTA can reduce overall risk exposure and protect against common threats.”

In infosec, the concept of “zero trust” has grown significantly in the last couple of years and has become a hot topic. A zero-trust architecture fundamentally distrusts all entities in a network and does not allow any access to resources until an entity has been authenticated and authorized to use that specific resource, i.e. trusted.

情報セキュリティの世界で使われる「ゼロトラスト」というコンセプトは、ここ数年で大きく業界内で広がり、ホットなトピックになっています。基本的にゼロトラストアーキテクチャーは、ネットワークの全エンティティを信頼せず、エンティティが特定のリソースに対するアクセスについて認証または許可を受けていない（つまり信頼されない）限り、いかなるリソースへのアクセスも許可しないというものです。

For the second year in a row, we conducted the Vectra superhero survey at Black Hat. The survey is a quick six-question poll that helps us understand the current cloud adoption and top-of-mind concerns of attendees.