Vectra

Cybersecurity

Vectra® is the world leader in AI-powered network detection and response.

Posts from

Vectra

January 25, 2022
|
By
Vectra
Log4J Won’t Be the Last Exploit, So Let’s Make Sure You’re Ready

As we saw with the Log4J vulnerability, cybercriminals only need a single opening to infiltrate your environment. And while another vulnerability can’t be prevented, there’s still a lot that can be done to make sure you’re ready for the next one.

Read More
December 5, 2021
|
By
Vectra
Nine Questions To Ask Your AI Vendor And Why

Asking the right questions to your vendor is critical to dissociate the trendy marketing wording from reality. Asking questions such as "What type of machine learning algorithms does your product use?" will help. Discover the top nine questions we think you should ask.

Read More
August 18, 2021
|
By
Vectra
5 Areas Exposing Your AWS Deployments to Security Threats

Organizations continue to deploy rapidly in the cloud, while security is often an afterthought. Read about the five areas that could be exposing your AWS deployments to security threats. 

Read More
August 16, 2021
|
By
Vectra
Hacker Raises Hand, Claims T-Mobile Breach

T-Mobile investigates a hacker who claims to breach data of 100 million customers. See what possible outcomes this could result in for the telecoms company.

Read More
August 11, 2021
|
By
Vectra
Uncovering Security Blind Spots in IaaS and PaaS Environments

As organizations continue to build on AWS with no sign of slowing down, it’s important to know where the security blind spots are and how to address them.

Read More
August 4, 2021
|
By
Vectra
State of Security: How Pros Address Daily Cloud Security Challenges

The State of Security Report: PaaS and IaaS takes a close look at how organizations are addressing security in AWS and the challenges they face.

Read More
July 21, 2021
|
By
Vectra
Microsoft Partners with Vectra to Deliver Zero Trust Security 

Microsoft partners with Vectra to deliver Zero Trust security framework to provide analytics and mitigate threats emerging from distributed and hybrid-remote workforces.

Read More
July 15, 2021
|
By
Vectra
Confronting Risk and Exposure in Healthcare

Attackers intent on stealing personally identifiable information (PII) and protected health information (PHI) can easily exploit gaps in IT security policies and procedures to disrupt critical healthcare-delivery processes.

Read More
June 29, 2021
|
By
Vectra
Demystifying Cloud Security with Forrester

The rapid shift to cloud-everything left users and apps vulnerable to security threats across all environments. Andras Cser from Forrester joined Joe Malenfant and Gokul Rajagopalan from Vectra to discuss cloud trends among organizations.

Read More
June 22, 2021
|
By
Vectra
5 Things to Know about DarkSide & Other Ransomware as a Service Groups

DarkSide ransomware as a service (RaaS) group provided hackers with a convenient way to extort money from organizations after access was gained. Here are five things you need to know about this prominent cybercriminal group.

Read More
June 16, 2021
|
By
Vectra
Vectra Introduces Detect for AWS: Threat Detection and Response for IaaS and PaaS

Vectra introduces Detect for AWS, solving threat detection and response for Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) environments.

Read More
February 17, 2021
|
By
Vectra
SUNBURST Highlights: How Current User Access Models Allowed World's Largest Supply Chain Attack

Vectra researchers have dissected the SolarWinds supply chain compromise from the initial backdoor to the establishment of persistent access in the data center and cloud environments. A specific focus is provided for Microsoft Office 365, which appears to have been a key target.

Read More
January 12, 2021
|
By
Vectra
Das Jahr im Rückblick – und das kommende Jahr

Es ist wieder an der Zeit, uns die jüngere Vergangenheit anzuschauen und in die Zukunft zu blicken und darauf, was uns das nächste Jahr in puncto Cyber-Sicherheit bringen wird.

Read More
January 5, 2021
|
By
Vectra
5 Steps of an Actual Maze Ransomware Post Incident

Discover step-by-step how Vectra identified early indicators of a ransomware attack and prevented the encryption of network file share in this blog.

Read More
December 10, 2020
|
By
Vectra
Beware of Malicious Websites and Using Identical Passwords this Holiday Season

Learn how to mitigate online shopping threats and keep your personal data safe this holiday season.

Read More
December 8, 2020
|
By
Vectra
How to Track Attackers as They Move to Your Network from the Cloud

Most solutions today provide siloed views of an account, making it impossible to track attack progression across the cloud and network—except ours. We're excited to release a unified view of an account, one that tracks attacker behaviors across network and cloud.

Read More
December 3, 2020
|
By
Vectra
How Attackers Use Business Email to Compromise Office 365

With more than 200 million monthly subscribers, Office 365 is a rich target for cybercriminals. Learn why MFA no longer stops attackers in this new cybersecurity landscape but network detection and response can.

Read More
November 18, 2020
|
By
Vectra
Protecting Cloud Users and Data Across the Entire Network with Expanded Cloud Services

Learn how Vectra protects users and data beyond the traditional network by detecting malicious intent and tracking and stopping attackers who move between cloud, hybrid, and enterprise—ultimately reducing the risk of breach.

Read More
November 5, 2020
|
By
Vectra
The Business of Ransomware is Changing—Detection and Response Needs to Change Too

“Ransomware operators” are rational economic entities that have evolved their tactics to optimize their ill-gotten financial returns. Their behavior changes mean detection and response approaches must change too.

Read More
October 28, 2020
|
By
Vectra
Incident Response and Knowing When to Automate

The goal of an efficient incident response process is to free-up security analyst's time to focus on higher value work that requires critical thinking. Learn how automation can be applied to a detection and response process.

Read More
October 26, 2020
|
By
Vectra
A Tale of Two Attacks: Shining a Security Spotlight on Microsoft Office 365

Vectra research highlights how attackers are using built-in tools and services to attack Office 365. We examine two such attacks that were detected and thwarted by organizations protected by Cognito Detect for Office 365.

Read More
October 20, 2020
|
By
Vectra
How to Win the Cybersecurity Battle in Healthcare

When you factor in how long it takes to discover a data breach, it suggests that healthcare is losing the battle. Discover a fundamental approach being advocated by a growing number of healthcare security professionals.

Read More
October 20, 2020
|
By
Vectra
Vectra and Splunk Partner on Mission Control for an Out of this World Launch

Vectra announces the expansion of the partnership with Splunk as a launch partner for Splunk Mission Control, a cloud-based and future-ready unified security operations platform.

Read More
October 19, 2020
|
By
Vectra
The Office 365 Tools and Open Services Attackers Love to Use

Attackers are using legitimate tools built into Microsoft Office 365 to perform reconnaissance, move laterally, and extend their attacks. OurSpotlight Report on Office 365 identifies what they’re up to and where you should be looking.

Read More
October 15, 2020
|
By
Vectra
Vectra and CrowdStrike Turn the Tables on Cyberattackers

Learn more about how Vectra’s new Detect Lockdown feature, made possible by integrating with CrowdStrike Falcon Insight Endpoint Detection and Response (EDR), enables you to automatically thwart cyberattackers on the device level.

Read More
October 14, 2020
|
By
Vectra
Incident Response Maturity and the Roadmap to Success

Discover how maturity and capability can be defined and measured across the five stages of the maturity model based on the desired level of risk awareness.

Read More
October 13, 2020
|
By
Vectra
What We Saw in 90 days from 4 Million Microsoft Office 365 Accounts

Read the Office 365 Spotlight Report to learn about the primary cybersecurity threats that can lead to Office 365 takeovers and breaches.

Read More
September 30, 2020
|
By
Vectra
Incident Response and the Need for Speed

A mature incident response process provides the benefit of faster response to reduce the amount of time an attacker has access to organization resources. Discover the metrics security teams can use to measure risk and mitigation.

Read More
September 29, 2020
|
By
Vectra
The Psychology Behind an Insider Threat

Analyzing the psychology of an insider threat case is a complex task because there is little evidence and scant public data about threat incidents. Develop an improved understanding of the mind of malicious insiders with the multiple life-stage model.

Read More
September 22, 2020
|
By
Vectra
Insider Threats: What to Look For and How to Respond

Evaluating risk factors is the first step in implementing an effective insider threat program. Learn why implementing preventative solutions like network detection and response can minimize financial loss and risk of a breach.

Read More
September 15, 2020
|
By
Vectra
The Two Types of Insider Threats

What danger do malicious and negligent insiders constitute and what kind of insider threats exist? Is your organization safe? Learn to spot the two types of insider threats.

Read More
August 5, 2020
|
By
Vectra
Using Vectra to Detect and Stop Maze Ransomware

Maze ransomware can spread across a corporate network, infecting computers it finds and encrypting data so it cannot be accessed. Learn what a Maze attack progression looks like and how you can defend against these types of threats.

Read More
July 28, 2020
|
By
Vectra
Vendor Collaboration in the Cybersecurity Industry is Essential (and Our Customers Deserve It)

We need more than just APIs. When security vendors truly collaborate and integrate their tools, we enable our customer’s security teams to further improve the agility, efficiency and efficacy of their security operations.

Read More
July 21, 2020
|
By
Vectra
Expertise That Unlocks the Potential within Your Security Operations

The newly announced Vectra services enable our customers to produce positive security outcomes, optimize security operations, and backup their teams when it matters most, with access to Vectra experts.

Read More
June 30, 2020
|
By
Vectra
The Sizable Risk of Cyber Well-being in Healthcare

Healthcare’s shift to the cloud is not new. However,COVID-19 has accelerated the roadmap for cloud adoption leaving healthcare security teams in a reactive mode rather than staying proactive to head-off the spread of potential attacks.

Read More
April 13, 2020
|
By
Vectra
New Partner Training

Vectra is pleased to announce the launch of two new training certification tracks for our partners. The VPSE certification is geared toward sales engineers, while our VSP certification focuses on positioning and selling Vectra Cognito.

Read More
February 26, 2020
|
By
Vectra
Vectra + Sentinel One

Together, Vectra and Sentinel One lead to fast and well-coordinated responses across all resources, enhance the efficiency of security operations and reduce the dwell times that ultimately drive risk for the business.

Read More
February 25, 2020
|
By
Vectra
Cybereason Integration: Obtain Full Visibility and Faster Responses

Together, Cognito and Cybereason provides visibility into all enterprise environments, supporting hybrid, multi-cloud, or on-premises deployments with ease to combat against today’s modern cyberattacks.

Read More
February 11, 2020
|
By
Vectra
Vectra SaaS Detections – Office 365

With increasingly sophisticated threats, cyber-risk is becoming an escalating concern for organizations around the world. Data breaches through Office 365 lead the pack as 40% of organizations suffer from account takeovers despite the rising adoption of incremental security approaches like multi-factor authentication.

Read More
December 13, 2019
|
By
Vectra
Achieving Threat Hunting Consistency with the MITRE ATT&CK Matrix

Thinking about threat hunting by using terms from the MITRE’s ATT&CK Matrix to frame the context and guide what you can and cannot see within your environment.

Read More
December 3, 2019
|
By
Vectra
Vectra Integrates AI-driven Network Threat Detection and Response with AWS VPC Ingress Routing

Vectra now integrates with Amazon Virtual Private Cloud (VPC) Ingress Routing and that our AI platform is currently available in the AWS Marketplace.

Read More
November 19, 2019
|
By
Vectra
Conduct Faster, Context-driven Investigations into Active Cyberattacks with Vectra and Chronicle

The Cognito threat detection and response platform from Vectra now seamlessly integrates AI-based threat hunting and incident response of Chronicle Backstory, a global security telemetry platform, for increased context during investigations and hunts and greater operational intelligence.

Read More
November 11, 2019
|
By
Vectra
Automate Response and Speed Remediation with Swimlane and Vectra

That’s why we are happy to announce the integration of Vectra Cognito automated threat detection and response platform with the Swimlane security orchestration, automation and response (SOAR) platform.

Read More
November 4, 2019
|
By
Vectra
Forescout Integration: Gain Real-time Visibility and Automated Response

The integration of the Cognito network detection and response platform with the Forescout device visibility and control platform provides inside-the-network threat detection and response, a critical layer of defense in today’s security infrastructure.

Read More
October 28, 2019
|
By
Vectra
Check Point Integration: Gain Continuous Threat Visibility and Enforcement

The integration between the Cognito automated network detection and response platform and Check Point Next Generation Firewalls empowers security staff to quickly expose hidden attacker behaviors, pinpoint specific hosts involved in a cyberattack and contain threats before data is lost.

Read More
September 25, 2019
|
By
Vectra
RDP Attacks and the Organizations They Target

By analyzing data in the 2019 Black Hat Edition of the Attacker Behavior Industry Report from Vectra, we determined that RDP abuse is extremely prevalent in the real world. 90% of the organizations where the Cognito platform is deployed exhibited some form of suspicious RDP behaviors from January-June 2019.

Read More
September 17, 2019
|
By
Vectra
CrowdStrike, Splunk and Vectra—a Powerful Triad to Find and Stop Cyberattacks

The combination of network detection and response (NDR), endpoint detection and response (EDR) and log-based detection (SIEM) allows security professionals to have coverage across threat vectors from cloud workloads to the enterprise.

Read More
September 9, 2019
|
By
Vectra
Privileged Access Analytics

Since the early days of Vectra, we’ve been focused primarily on host devices. After all, hosts are the entities that generate the network traffic the Cognito platform analyses in looking for attacker behaviors.

Read More
August 7, 2019
|
By
Vectra
Ransomware Doesn’t Discriminate. It Only Cares about Money.

Modern ransomware has been heavily weaponized, has a sweeping blast radius and is a staple tool in the attacker’s arsenal. In a call to arms, cloud and enterprise organizations everywhere are scrambling to detect and respond early to ransomware attacks.

Read More
July 25, 2019
|
By
Vectra
Survival Guide: Being Secure at Black Hat 2019

Tens of thousands of hackers and security researchers congregate in Las Vegas to participate in one of the largest hacker conventions in the world. Many of them are out to hack your device and put you on the infamous Wall of Sheep.

Read More
July 23, 2019
|
By
Vectra
Notable Insights from the Gartner Market Guide for Intrusion Detection and Prevention Systems

Earlier this month, the Gartner Market Guide for Intrusion Detection and Prevention Systems that describes the market definition and direction of requirements that buyers should look for in their IDPS solution as well as the top use-cases that drive IDPS today.

Read More
July 16, 2019
|
By
Vectra
Encrypted Command and Control: Can You Really Cover Your Tracks?

Most sessions on the internet today are encrypted. By any measure, more than half of all internet traffic uses TLS to encrypt client/server communication.

Read More
June 20, 2019
|
By
Vectra
Threat Behaviors in the Attack Lifecycle

There are multiple phases in an active cyberattack and each is a perilous link in a complex kill-chain that gives criminals the opportunity to spy, spread and steal critical information in native and hybrid cloud workloads and user and IoT devices.

Read More
June 18, 2019
|
By
Vectra
Comparing Vectra and Verizon Threat Research

As the transformation of healthcare through new medical technology continues to move forward, healthcare organizations must remain mindful about what technologies are in place, how they are utilized, and when unauthorized actions occur.

Read More
June 4, 2019
|
By
Vectra
Tapis dans l'ombre : les cinq principaux comportements malveillants de propagation latérale

Au fil de l'évolution du paysage des menaces, l'équipe de Vectra a pu constater qu'une part importante des budgets informatiques est consacrée à renforcer les équipes de sécurité et la protection du périmètre réseau. L'objectif des entreprises est d'améliorer la détection des menaces et d'accélérer le tri des alertes.

Read More
May 27, 2019
|
By
Vectra
Die Top 5 der Vorgehensweisen beim Lateral Movement

Bei Vectra nehmen wir zurzeit wahr, wie Unternehmen als Reaktion auf die Entwicklungen in der Bedrohungslandschaft immer höhere Budgets für den Ausbau der Sicherheitsteams und die Erweiterung des Perimeter-Schutzes einsetzen. Hintergrund sind ihre Bemühungen, die Bedrohungserkennung zu verbessern und die Triage zu beschleunigen.

Read More
May 21, 2019
|
By
Vectra
Not All Data is Created the Same

Vectra customers and security researchers respond to some of the world’s most consequential threats. And they tell us there’s a consistent set of questions they must answer when investigating any given attack scenario. Starting with an alert from Cognito Detect, another security tool, or their intuition, analysts will form a hypothesis as to what is occurring.

Read More
May 7, 2019
|
By
Vectra
Three Cornerstones of the SOC Nuclear Triad

Although NDR and EDR can provide perspective on this, NDR is more critical because it provides perspective where EDR cannot. For example, exploits that operate at the BIOS level of a device can subvert EDR.

Read More
April 30, 2019
|
By
Vectra
Why Network Metadata Is Just Right for Your Data Lake

The collection and storage of network metadata strikes a balance that is just right for data lakes and SIEMs. Metadata enables security operations teams to craft queries that interrogate the data and lead to deeper investigations.

Read More
April 30, 2019
|
By
Vectra
Visibilité, détection et aide à la résolution des incidents avec une architecture sans outil SIEM

Lorsqu'elles élaborent leur programme de résolution des incidents, les équipes de sécurité sont confrontées à un défi de taille : trouver le juste milieu entre l'impératif de visibilité, de détection et de résolution des incidents d'une part, et le coût et la complexité du développement et de la gestion d'un dispositif de sécurité fonctionnel et performant d'autre part.

Read More
April 25, 2019
|
By
Vectra
Apprentissage automatique : la pierre angulaire de l'analyse du trafic réseau

Imaginez un outil de sécurité qui pense exactement comme vous lui apprenez à penser, qui agit au moment opportun et selon les modalités que vous lui avez enseignées. Plus besoin d'adapter vos habitudes de travail à des règles génériques définies par quelqu'un d'autre. Plus besoin de vous demander comment pallier les failles de sécurité qui ne sont pas couvertes par ces règles.

Read More
April 25, 2019
|
By
Vectra
Maschinelles lernen: die ideale basis für network traffic analytics (NTA)

Maschinelles Lernen, der Grundstein der Network Traffic Analytics (NTA) – das ist Technik, die in Ihrem Namen agieren kann, um Ihnen bessere Einblicke in Ihre Infrastruktur zu verschaffen, um die Leistung Ihrer Bedrohungserkennung zu erhöhen und um es Ihnen zu erleichtern, wirklich kritische Bedrohungen gut zu überstehen.

Read More
April 5, 2019
|
By
Vectra
Bedrohungserkennung und Response mit einer Architektur ohne SIEM

Eine der großen Herausforderungen beim Aufsetzen eines guten Incident-Response-Programms besteht darin, die notwendigen Verbesserungen bei der Netzwerk-Transparenz, der Bedrohungserkennung und einer schlagkräftigen Response gegen die Kosten und die Komplexität abzuwägen, die der Aufbau und der Betrieb eines gut einsetzbaren und effektiven Security-Stacks mit sich bringt.

Read More
April 1, 2019
|
By
Vectra
Lurking in the Shadows: Top 5 Lateral Spread Threat Behaviors

When considering how to equip your security teams to identify lateral movement behaviors, we encourage the evaluation of the efficacy of your processes and tools to identify and quickly respond to the top 5 lateral movement behaviors that we commonly observe.

Read More
March 20, 2019
|
By
Vectra
Visibility, Detection and Response Using a SIEM-less Architecture

There is a new breed of SIEM-less security architecture that allows companies to leverage intelligent people with general IT experience to become the next-generation of security analysts.

Read More
November 1, 2018
|
By
Vectra
Most Attacks Against Energy and Utilities Occur in the Enterprise IT Network

The United States has not been hit by a paralyzing cyberattack on critical infrastructure like the one that sidelined Ukraine in 2015. That attack disabled Ukraine's power grid, leaving more than 700,000 people in the dark.

Read More
September 20, 2018
|
By
Vectra
Enquête de la conférence Black Hat 2018: le temps et les compétences avant tout

La conférence BlackHat est formidable. Il n'existe pas de meilleur endroit pour découvrir la réalité de notre secteur, notamment ce qui préoccupe vraiment les professionnels de la sécurité des informations. Comme nous voulons toujours être en phase avec nos clients, il nous a semblé que la conférence BlackHat offrait l'occasion idéale de leur demander ce qui leur importe.

Nous avons mené l'enquête

Pour mieux comprendre ce qui compte pour nos clients, nous avons mené une simple enquête axée sur quatre questions à la conférenceBlack Hat.

Read More
August 22, 2018
|
By
Vectra
2018 Black Hat Superpower Survey: It's About Time and Talent

We love Black Hat. It’s the best place to learn what information security practitioners really care about and what is the truth of our industry. Because we want to always be relevant to customers, we figured Black Hat is an ideal event to ask what matters.

Read More
August 8, 2018
|
By
Vectra
Cyberattack Detections from More Than 250 Vectra Customers with Over 4 Million Devices and Workloads

Recently, Vectra published the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which covers the period from January through June 2018. While there are plenty of threat-research reports out there, this one offers unique insights about real-world cyberattacker behaviors found in cloud, data center and enterprise networks.

Read More
July 11, 2018
|
By
Vectra
Breaking Ground: Understanding and Identifying Hidden Tunnels

Recently, we made an alarming discovery: hackers are using hidden tunnels to break into and steal from financial services firms! Clearly, this is serious business if it involves bad guys targeting massive amounts of money and private information. But what exactly are we dealing with? Let’s dig into what hidden tunnels are and how I find them to uncover the answer.

Read More
June 4, 2018
|
By
Vectra
Giving Incident Responders Deeper Context About What Happened

Cybersecurity analysts are overwhelmed with security events that need to be triaged, analyzed, correlated and prioritized. If you’re an analyst, you probably have some incredible skills but are being held back by tedious, manual work.

Read More
May 14, 2018
|
By
Vectra
Alarmierende Zunahme des Minings für Kryptowährungen an Hochschulen

Während 2017 noch Ransomware-Attacken wie NotPetya und WannaCry die Schlagzeilen beherrschten und den Angreifern eine Menge Geld einbrachten, nahm still und leise bereits das Krypto-Mining Fahrt auf – der Thronfolger der Ransomware, wenn es um opportunistische Verhaltensauffälligkeiten in IT-Netzen geht, mit denen Cyberkriminelle finanziellen Gewinn erzielen wollen.

Der unten wiedergegebene Reddit-Post zeigt recht anschaulich, in welchem Maße das Krypto-Mining für die Universitäten heute ein Problem darstellt. In einigen Fällen setzen geschäftstüchtige Studenten High-End-Computer fürs Mining ein, in anderen Fällen starten sie eine ganze Armee von Botnets zum selben Zweck.

Read More
March 29, 2018
|
By
Vectra
The Alarming Surge in Cryptocurrency Mining on College Campuses

While ransomware attacks like NotPetya and WannaCry were making headlines (and money) in 2017, cryptocurrency mining was quietly gaining strength as the heir apparent when it comes to opportunistic behaviors for monetary gain.

Read More
February 27, 2018
|
By
Vectra
Mensch + Maschine: Im Kampf gegen Cyber-Threats

Zeit ist Geld im Kampf gegen Cyber-Attacken. Dem Ponemon-Institut zufolge liegen die mit einer Verletzung der Informationssicherheit verbundenen Kosten im Mittel bei 3,62 Millionen Dollar. Schafft man es, die Zeit bis zur Erkennung und Eindämmung eines Incidents zu reduzieren, lassen sich diese Aufwände signifikant verringern oder möglicherweise sogar verhindern.

Der Reifegrad und die Effektivität sind zwei der wichtigsten Maßeinheiten für die Leistungsfähigkeit eines SOCs. Die Reife gibt dabei an, welches Entwicklungsniveau ein Unternehmen in Bezug auf seinen Ansatz zum Management von Cyber-Security-Risiken erreicht hat, wobei dies den Grad des Bewusstseins für Risiken und Bedrohungen, die Reproduzierbarkeit erprobter Prozesse und die Anpassungsfähigkeit an neue Bedrohungen einschließt. Der Faktor Effektivität bestimmt, wie gut ein SOC einen Incident erkennt und bekämpft, sobald er eintritt.

Read More
February 7, 2018
|
By
Vectra
Angreifer kapern Admin-Tools – für Spionage, Infiltration & Diebstahl

Im meinem letzten Blogbeitrag habe ich über einen Kunden aus der Finanzbranche und seine Pen-Tests geschrieben und berichtet, wie ich dem Abwehrteam (Blue Team) half, das Team der Angreifer (Red Team) auf frischer Tat zu ertappen.

Read More
January 26, 2018
|
By
Vectra
Attackers Can Use Your Admin Tools to Spy, Spread, and Steal

In my last blog, I spoke about a financial customer performing pen testing and how I helped the blue team detect the red team as it carried-out an attack. I’m back again today with another story from the trenches.

Read More
January 15, 2018
|
By
Vectra
Vectra ist der einzige Visionär im Gartner Magic Quadrant 2018 für IDPS

Gartner hat Vectra® kürzlich als den einzigen „Visionär“ in seinem Magic Quadrant 2018 für Intrusion-Detection- und -Prevention-Systeme (IDPS) positioniert.

Read More
January 12, 2018
|
By
Vectra
Vectra Is Positioned as the Sole Visionary in the 2018 Gartner Magic Quadrant for IDPS

Vectra® was recently positioned as the sole Visionary in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). Over the years, intrusion detection systems (IDS) have converged with intrusion prevention systems (IPS) and the two are now known collectively as IDPS.

Read More
December 11, 2017
|
By
Vectra
A Sinuous Journey Through ``tensor_forest``

The random forest (RF) model, first proposed by Tin Kam Ho in 1995, is a subclass of ensemble learning methods that is applied to classification and regression. An ensemble method constructs a set of classifiers—a group of decision trees, in the case of RF—and determines the label for each data instance by taking the weighted average of each classifier’s output.

Read More
May 16, 2017
|
By
Vectra
Vectra Detection and Response to WannaCry Ransomware

Vectra Threat Labs analyzed the WannaCry ransomware to understand its inner workings. They learned that while the way it infects computers is new, the behaviors it performs are business as usual.

Read More
May 13, 2017
|
By
Vectra
Fighting the Ransomware Pandemic

A ransomware attack is spreading very rapidly among unpatched Windows systems worldwide. This morning, the attack was initially believed to target the UK National Health Service, but throughout the day, it has become apparent this is a global attack.

Read More
February 9, 2017
|
By
Vectra
Splunk Integration: A Deep Dive into the Adaptive Security Architecture

Integration decreases cost and increases effectiveness. For this reason, Vectra is adaptive by design. Everything we do considers how to help our customers be more efficient and faster at fighting attacks. Sometimes it involves determining where to deliver sophisticated threat intelligence beyond the Vectra. Working with Splunk is a great example of this integration.

Read More
February 7, 2017
|
By
Vectra
An Analysis of the Shamoon 2 Malware Attack

In 2012, Shamoon crippled Saudi Aramco and this new variant was reportedly targeted at the Saudi labor ministry as well as several engineering and manufacturing companies. During a recent analysis, Vectra Networks came across a malicious component that appears to be used in conjunction with spear-phishing-delivered malicious documents.

Read More
February 2, 2017
|
By
Vectra
What’s an Adaptive Security Architecture and Why Do You Need It?

As long as I can recall, enterprises have always relied on prevention and policy-based controls for security, deploying products such as antivirus software, IDS/IPS and firewalls. But as we now know, and industry research firms have stated, they aren’t enough to adequately deal with today’s threat environment, which is flooded by a dizzy array of advanced and targeted attacks.

Read More
January 17, 2017
|
By
Vectra
Security Automation Isn't AI Security

In the Information Security (InfoSec) community, AI is commonly seen as a savior—an application of technology that will allow businesses to more rapidly identify and mitigate threats, without having to add more humans. That human factor is commonly seen as a business inhibitor as the necessary skills and experience are both costly and difficult to obtain.

Read More
January 11, 2017
|
By
Vectra
The UEBA Market Will Be Gone by 2022

This is a prediction made by Gartner analyst Avivah Litan in her latest blog entry, The Disappearing UEBA Market. Of course it caught our attention here at Vectra. We are not a standalone UEBA company, nor do we want to be. First and foremost, we are an AI company that empowers threat hunters. But we often find ourselves in this discussion with people who believe UEBA alone will solve the world's problems (and possibly make coffee in the morning, too).

Read More
December 15, 2016
|
By
Vectra
Encrypt Everything. Don’t Let Security Be the Reason You Don’t (and Attackers Do)

Enterprises have a strategy to encrypt everything. With this encryption however, attempts to perform SSL decryption mean there will be large volumes of encrypted data to process.

Read More
October 26, 2016
|
By
Vectra
Moonlight – Targeted Attacks in the Middle East

Vectra Threat Labs researchers have uncovered the activities of a group of individuals currently engaged in targeted attacks against entities in the Middle East. These attacks are themed around Middle Eastern political issues and the motivation appears to relate to espionage, as opposed to opportunistic or criminal intentions.

Read More
September 28, 2016
|
By
Vectra
Exploiting the Firewall Beachhead: A History of Backdoors into Critical Infrastructure

Sitting at the edge of the network and rarely configured or monitored for active compromise, the firewall today is a vulnerable target for persistent and targeted attacks.

Read More
July 12, 2016
|
By
Vectra
The New Vulnerability that Creates a Dangerous Watering Hole in Your Network

Security researchers with Vectra Threat Labs recently uncovered a critical vulnerability affecting all versions of Microsoft Windows reaching all the way back to Windows 95. The vulnerability allows an attacker to execute code at system level either over a local network or the Internet. As a result, attackers could use this vulnerability both to infect an end-user from the Internet, and then spread through the internal network.

Read More
March 30, 2016
|
By
Vectra
Canary in the Ransomware Mine

Ransomware is clearly the scourge of 2016. Every week there is a new and notable enterprise-level outbreak of this insidious class of malware—crippling and extorting an ever widening array of organizations.

Read More
February 18, 2016
|
By
Vectra
Apple vs. the FBI: Some Points to Consider

In light of Apple’s response to the FBI’s request to gain access to San Bernardino shooter Syed Farook’s iPhone, it appears that there is some confusion in the connection of this request from the FBI with the bigger government debate on providing backdoors and encryption.

Read More
January 20, 2016
|
By
Vectra
Blocking Shodan

The Internet is chock full of really helpful people and autonomous systems that silently probe, test, and evaluate your corporate defenses every second of every minute of every hour of every day. If those helpful souls and systems aren’t probing your network, then they’re diligently recording and cataloguing everything they’ve found so others can quickly enumerate your online business or list systems like yours that are similarly vulnerable to some kind of attack or other.

Read More
January 12, 2016
|
By
Vectra
Turning a Webcam into a Backdoor

Reports of successful hacks against Internet of Things (IoT) devices have been on the rise. Most of these efforts have involved demonstrating how to gain access to such a device or to break through its security barrier.

Read More
November 3, 2015
|
By
Vectra
Will IDS Ever Be Able to Detect Intrusions Again?

The need to block threats within milliseconds locks IDS/IPS into using signatures for detections. While signatures can detect a wide variety of threats, they rely on the fast-pattern-matching of known threats.

Read More
August 19, 2015
|
By
Vectra
Belkin F9K1111 V1.04.10 Firmware Analysis

Recently, it came to our attention that HP DVLabs has uncovered at least tenvulnerabilitiesin the Belkin N300 Dual-Band Wi-Fi Range Extender (F9K1111). As this is the first update issued for the F9K1111 and there were not any public triggers for the vulnerabilities, we thought it would be interesting to take a deeper look.

Read More
June 12, 2015
|
By
Vectra
Duqu: The Sequel

Recently, Kasperky Labs disclosed that it was the victim of a sophisticated cyber attack, which they have named Duqu 2.0. The team at Kaspersky Labs has published a detailed analysis of Duqu 2.0 and it’s definitely worth a read.

Read More
May 15, 2015
|
By
Vectra
Automate Detection of Cyberthreats in Real Time. Why Wait?

Time is a big expense when it comes to detecting cyber threats and malware. The proliferation of new malware variants makes it impossible to detect and prevent zero-day threats inreal-time. Sandboxing takes at least 30 minutes to analyze a file and deliver a signature—and by then, threats will have spread to many more endpoints.

Read More
March 27, 2015
|
By
Vectra
Do You Know How to Protect Your Key Assets?

Security breaches did not stop making headlines in recent months, and while hackers still go after credit card data, the trends goes towards richer data records and exploiting various key assets inside an organization. As a consequence, organizations need to develop new schemes to identify and track key information assets.

The biggest recent breach in the financial industry occurred at JP Morgan Chase, with an estimated 76 million customer records and another 8 million records belonging to businesses stolen from several internal servers. At Morgan Stanley, an employee of the company’s wealth management group was fired after information from up to 10% of Morgan Stanley’s wealthiest clientele was leaked. Even more sensitive was the largest health-care breach thus far: at Anthem, over 80 million records containing personally identifiable information (PII) including social security numbers were exposed. Less well-known, but potentially more costly in terms of damage and litigation is the alleged theft of trade secrets by the former CEO of Chesapeake’s Energy (NYSE: CHK).

Read More
January 10, 2015
|
By
Vectra
Insider Threats Detection: Common Indicators & Prevention Strategies

Not all breaches come from external malicious actors. Learn all about insider threats, the common indicators and useful prevention strategies in our blog post.

Read More