Stephen is a Senior Product Manager at Vectra AI, where he is the product manager lead for the Vectra Recall product. He has nearly 20 years of experience in service creation and delivery. His career has taken him from software engineer to product management as he looks for yet bigger problems to solve. He is deeply versed in cloud, networking and security from over 7 years as a program manager in Azure, where he owned two core services. He holds an M.Sc. in Software Development from the Institute of Technology, Tralee, Ireland.
The recent ZeroLogon (CVE-2020-1472) vulnerability allows an attacker to gain Domain Admin credentials. The Vectra AI/ML models are designed to detect attacks regardless of tools or signatures and alerted on ZeroLogon even before it was announced.
Attack tools and techniques can change over time, but attack behaviours remain a stable indicator of attackers within the network. Using attack behaviour as a high-fidelity signal allows you to take action quickly to stop attacks or prevent further damage.
In the era of near-total data, SOC teams and analysts can become swamped by the sheer volume. And that’s before we even get to the cost of data ingestion and storage! In this blog, we will explore the value of network metadata, and why we just can’t get this level of visibility elsewhere.