Vectra

Cybersecurity

Vectra® is the world leader in AI-powered network detection and response.

All blog posts from this author

Threat detection

How to Track Attackers as They Move to Your Network from the Cloud

December 8, 2020

Security operations

Expertise That Unlocks the Potential within Your Security Operations

July 21, 2020

Industry

A Tale of Two Attacks: Shining a Security Spotlight on Microsoft Office 365

October 26, 2020

Cybersecurity

Confronting Risk and Exposure in Healthcare

July 15, 2021

Cybersecurity

Be Especially Wary of Malicious Websites This Holiday Season

December 10, 2020

Security operations

Incident Response Maturity and the Roadmap to Success

October 14, 2020

Cybersecurity

Fighting the Ransomware Pandemic

May 13, 2017

Cybersecurity

Ransomware doesn’t discriminate. It only cares about money.

August 7, 2019

Cybersecurity

Achieving Threat Hunting Consistency with the MITRE ATT&CK Matrix

December 13, 2019

Industry

The Office 365 Tools and Open Services Attackers Love to Use

October 19, 2020

Threat detection

How Attackers Use Business Email to Compromise Office 365

December 3, 2020

Industry

What We Saw in 90 days from 4 Million Microsoft Office 365 Accounts

October 13, 2020

Artificial Intelligence

Insider Threats Detection: Common Indicators & Prevention Strategies

January 10, 2015

Threat detection

Using Vectra to Detect and Stop Maze Ransomware

August 5, 2020

Industry

The Sizable Risk of Cyber Well-being in Healthcare

June 30, 2020

Security operations

Incident Response and the Need for Speed

September 30, 2020

Industry

How to Win the Cybersecurity Battle in Healthcare

October 20, 2020

Integration

Vectra and Splunk Partner on Mission Control For an Out of this World Launch

October 20, 2020

Security operations

Incident Response and Knowing When to Automate

October 28, 2020

Security operations

The Business of Ransomware is Changing—Detection and Response Needs to Change Too

November 5, 2020

Cybersecurity

Beware of Malicious Websites and Using Identical Passwords this Holiday Season

December 10, 2020

Security research

SUNBURST & The World’s Largest Supply Chain Cyber Attack

February 17, 2021

Security operations

Chronicle integration: Conduct faster, context-driven investigations into active cyberattacks with Vectra and Chronicle

November 19, 2019

Security operations

Swimlane integration: Automate response and speed remediation with Swimlane and Vectra

November 11, 2019

Security operations

Forescout integration: Gain real-time visibility and automated response

November 4, 2019

Security operations

Check Point integration: Gain continuous threat visibility and enforcement

October 28, 2019

Industry

What We Saw in 90 Days from 4 Million Microsoft Office 365 Accounts

October 13, 2020

Cybersecurity

Two Case Studies: Microsoft Office 365 Security

October 26, 2020

Threat detection

How Attackers Use Business Email to Compromise Office 365

December 3, 2020

Industry

The Office 365 Tools and Open Services Attackers Use

October 19, 2020

Infrastructure

BGP Pirates: “… and This Traffic Is Going to Russia!”

December 20, 2017

Cybersecurity

The Smartphone as a Security Vulnerability

March 8, 2016

Security operations

Remote Work, Not Remote Control

March 25, 2020

Cybersecurity

Machine Learning Against Insider Threats

December 14, 2015

Security operations

Statement on the Current BSI Report on the State of IT Security in Germany 2015

November 20, 2015

Artificial Intelligence

Deep Learning in Cybersecurity

August 22, 2017

Breach

Petya: Cybercriminals Learn from Each Other, and Companies Should Too

June 28, 2017

Cybersecurity

The Shortage of IT Security Experts Is Getting Worse

June 13, 2017

Threat detection

2016 US Election: Botched Handling of Big Data

November 18, 2016

Breach

Ransomware Attacks: Unprepared Companies Pay a High Price

October 25, 2016

Infrastructure

How to Bring Attack Detection into the Data Center

September 27, 2016

Infrastructure

Vectra Networks: New Partnerships Help Customers Close Security Gaps

August 12, 2016

Breach

Digital Connectivity Makes It Easier for Hackers to Attack Our Data

April 22, 2016

Breach

Algorithms as the Key to Effective Detection of Hacker Attacks

February 15, 2016

Cybersecurity

Healthcare is one of cybercrime’s most targeted sectors

January 26, 2017

Cybersecurity

Black Hat 2018 Conference Survey: Time and Skills Above All

September 20, 2018

Threat detection

Alarming Increase in Cryptocurrency Mining at Universities

May 14, 2018

Cybersecurity

Shamoon 2: Same or better than the original?

January 28, 2017

Security operations

Vectra is positioned as the sole visionary in the 2018 Gartner Magic Quadrant for IDPS

January 12, 2018

Cybersecurity

Man + machine is the winning combo for combating cyber threats

August 10, 2017

Cybersecurity

Visibility, Detection and Incident Response Support with a SIEM-less Architecture

April 30, 2019

Breach

Encrypt everything. Don’t let security be the reason you don’t (and attackers do)

December 15, 2016

Cybersecurity

Visibility, detection and response using a SIEM-less architecture

March 20, 2019

Cybersecurity

Vectra Threat Labs discovers vulnerabilities in Adobe Reader and Internet Explorer

October 14, 2015

Infrastructure

How AI detects and mitigates cyber attacks in software-defined data centers

June 23, 2017

Cybersecurity

Gain Visibility and Automate Threat Hunting in the Cloud with Gigamon and Vectra

September 13, 2017

Cybersecurity

Threat Behaviors in the Attack Lifecycle

June 20, 2019

Cybersecurity

An analysis of the Shamoon 2 malware attack

February 7, 2017

Artificial Intelligence

A sinuous journey through ``tensor_forest``

December 11, 2017

Cybersecurity

BGP hijackers: “This traffic is going to Russia!”

December 14, 2017

Threat detection

Cyberattack detections from more than 250 Vectra customers with over 4 million devices and workloads

August 8, 2018

Cybersecurity

The alarming surge in cryptocurrency mining on college campuses

March 29, 2018

Cybersecurity

Microsoft Internet Explorer 11 Zero-day

July 14, 2015

Breach

A behind-the-scenes look at how cybercriminals carry out attacks inside enterprise networks

June 14, 2017

Threat detection

Threat Detection and Response with a SIEM-less Architecture

April 5, 2019

Cybersecurity

Goldeneye. Petya. WannaCry. It's all ransomware.

June 28, 2017

Cybersecurity

Comparing Vectra and Verizon threat research

June 18, 2019

Cybersecurity

Splunk integration: A deep dive into the adaptive security architecture

February 9, 2017

Breach

Vectra detection and response to WannaCry ransomware

May 16, 2017

Security operations

How to gain visibility into attacker behaviors inside cloud environments

June 10, 2019

Security operations

Don't let your cybersecurity vendor leave you vulnerable

March 23, 2017

Infrastructure

Vectra Is the Only Visionary in the 2018 Gartner Magic Quadrant for IDPS

January 15, 2018

Infrastructure

Cyberattack of the clones

November 27, 2016

Security operations

Turning a Webcam Into a Backdoor

January 12, 2016

Cybersecurity

Most attacks against energy and utilities occur in the enterprise IT network

November 1, 2018

Cybersecurity

The UEBA market will be gone by 2022

January 11, 2017

Threat detection

Vectra, the Only “Visionary” Vendor in Gartner's 2018 MQ for the IDPS Category

January 18, 2018

Artificial Intelligence

AI: Is science fiction on a collision course with science fact?

March 30, 2017

Infrastructure

The imminent threat against industrial control systems

November 30, 2017

Cybersecurity

By 2022, the UEBA Market Will Be History

January 31, 2017

Security operations

2018 Black Hat Superpower Survey: It's about time and talent

August 22, 2018

Cybersecurity

Belkin F9K1111 V1.04.10 Firmware Analysis

August 19, 2015

Security operations

Man + Machine: In the Fight Against Cyber Threats

February 27, 2018

Security research

SUNBURST Summary: How Existing Access Models Led to the World's Largest Supply Chain Attack

February 17, 2021

Integration

Cybereason Integration: Enabling Full Visibility and Fast Response

February 25, 2020

Threat detection

Privileged Access Analytics

September 9, 2019

Security operations

CrowdStrike, Splunk and Vectra AI: A Powerful Three-Company Approach to Detecting and Stopping Cyberattacks

September 17, 2019

Cybersecurity

The Top 5 Lateral Movement Techniques

May 27, 2019

Breach

How IoT Can Throw the Door Wide Open to Cyberattacks

November 17, 2015

Breach

Has Sandboxing Outlived Its Usefulness as a Defense Against Hackers?

April 18, 2016

Breach

The new vulnerability that creates a dangerous watering hole in your network

July 12, 2016

Cybersecurity

What’s an adaptive security architecture and why do you need it?

February 2, 2017

Threat detection

Automate to optimise your security teams

January 4, 2016

Threat detection

Roundtable roundup from the European Information Security Summit

February 23, 2017

Artificial Intelligence

(Artificial) Intelligence on the EU GDPR

July 3, 2017

Integration

Vendor Collaboration in the Cybersecurity Industry is Essential (and Our Customers Deserve It)

July 28, 2020

Security operations

Vectra SaaS Detections – Office 365

February 11, 2020

Breach

The Anthem Breach and Security Going Forward

February 6, 2015

Cybersecurity

Introducing the Spring 2016 Post-Intrusion Report

April 20, 2016

Security operations

Three cornerstones of the SOC nuclear triad

May 7, 2019

Posts from Vectra

August 18, 2021 | By Vectra
5 Areas Exposing Your AWS Deployments to Security Threats

Organizations continue to deploy rapidly in the cloud, while security is often an afterthought. Read about the five areas that could be exposing your AWS deployments to security threats. 

August 16, 2021 | By Vectra
Hacker Raises Hand, Claims T-Mobile Breach

T-Mobile is investigating a hacker who claims to have breached the data of 100 million customers. See what outcomes this could lead to for the telecoms company.

August 11, 2021 | By Vectra
Uncovering Security Blind Spots in IaaS and PaaS Environments

As organizations continue to build on AWS with no sign of slowing down, it’s important to know where the security blind spots are and how to address them.

August 4, 2021 | By Vectra
State of Security: How Pros Address Daily Cloud Security Challenges

The State of Security Report: PaaS and IaaS takes a close look at how organizations are addressing security in AWS and the challenges they face.

July 15, 2021 | By Vectra
Confronting Risk and Exposure in Healthcare

Attackers intent on stealing personally identifiable information (PII) and protected health information (PHI) can easily exploit gaps in IT security policies and procedures to disrupt critical healthcare-delivery processes.

June 29, 2021 | By Vectra
Demystifying Cloud Security with Forrester

The rapid shift to cloud-everything left users and apps vulnerable to security threats across all environments. Andras Cser from Forrester joined Joe Malenfant and Gokul Rajagopalan from Vectra to discuss cloud trends among organizations.

June 22, 2021 | By Vectra
5 Things to Know about DarkSide & Other Ransomware as a Service Groups

DarkSide ransomware as a service (RaaS) group provided hackers with a convenient way to extort money from organizations after access was gained. Here are five things you need to know about this prominent cybercriminal group.

June 16, 2021 | By Vectra
Vectra Introduces Detect for AWS: Threat Detection and Response for IaaS and PaaS

Vectra introduces Detect for AWS, solving threat detection and response for Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) environments.

February 17, 2021 | By Vectra
SUNBURST Highlights: How Current User Access Models Allowed World's Largest Supply Chain Attack

Vectra researchers have dissected the SolarWinds supply chain compromise from the initial backdoor to the establishment of persistent access in the data center and cloud environments. A specific focus is provided for Microsoft Office 365, which appears to have been a key target.

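February 17, 2021 | By Vectra
SUNBURST Summary: How Existing Access Models Led to the World's Largest Supply Chain Attack

Vectra AI researchers analyzed the compromise of the SolarWinds supply chain, from the initial backdoor to the establishment of persistent access in data center and cloud environments. They focused in particular on Microsoft Office 365, a key target of the attack.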

January 12, 2021 | By Vectra
The Year in Review, and the Year Ahead

It is once again time to look at the recent past and ahead to the future, and at what the coming year will bring us in terms of cybersecurity.

December 10, 2020 | By Vectra
Beware of Malicious Websites and Using Identical Passwords this Holiday Season

Learn how to mitigate online shopping threats and keep your personal data safe this holiday season.

December 10, 2020 | By Vectra
Be Especially Wary of Malicious Websites This Holiday Season

Chris Morales, head of security analytics at Vectra AI, explains how to mitigate online shopping threats and keep your personal data safe this holiday season.

December 8, 2020 | By Vectra
How to Track Attackers as They Move to Your Network from the Cloud

Most solutions today provide siloed views of an account, making it impossible to track attack progression across the cloud and network—except ours. We're excited to release a unified view of an account, one that tracks attacker behaviors across network and cloud.

December 3, 2020 | By Vectra
How Attackers Use Business Email to Compromise Office 365

With more than 200 million monthly subscribers, Office 365 is a rich target for cybercriminals. Learn why MFA no longer stops attackers in this new cybersecurity landscape but network detection and response can.

November 18, 2020 | By Vectra
Protecting Cloud Users and Data Across the Entire Network with Expanded Cloud Services

Learn how Vectra protects users and data beyond the traditional network by detecting malicious intent and tracking and stopping attackers who move between cloud, hybrid, and enterprise—ultimately reducing the risk of breach.

November 5, 2020 | By Vectra
The Business of Ransomware is Changing—Detection and Response Needs to Change Too

“Ransomware operators” are rational economic entities that have evolved their tactics to optimize their ill-gotten financial returns. Their behavior changes mean detection and response approaches must change too.

October 28, 2020 | By Vectra
Incident Response and Knowing When to Automate

The goal of an efficient incident response process is to free up security analysts’ time to focus on higher-value work that requires critical thinking. Learn how automation can be applied to a detection and response process.

October 26, 2020 | By Vectra
A Tale of Two Attacks: Shining a Security Spotlight on Microsoft Office 365

Vectra research highlights how attackers are using built-in tools and services to attack Office 365. We examine two such attacks that were detected and thwarted by organizations protected by Cognito Detect for Office 365.

October 26, 2020 | By Vectra
Two Case Studies: Microsoft Office 365 Security

We present a report on attacks against Office 365, the world's most widely used SaaS application, together with two case studies.

October 20, 2020 | By Vectra
How to Win the Cybersecurity Battle in Healthcare

When you factor in how long it takes to discover a data breach, it suggests that healthcare is losing the battle. Discover a fundamental approach being advocated by a growing number of healthcare security professionals.

October 20, 2020 | By Vectra
Vectra and Splunk Partner on Mission Control for an Out of this World Launch

Vectra announces the expansion of the partnership with Splunk as a launch partner for Splunk Mission Control, a cloud-based and future-ready unified security operations platform.

October 19, 2020 | By Vectra
The Office 365 Tools and Open Services Attackers Love to Use

Attackers are using legitimate tools built into Microsoft Office 365 to perform reconnaissance, move laterally, and extend their attacks. Our Spotlight Report on Office 365 identifies what they’re up to and where you should be looking.

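October 19, 2020 | By Vectra
The Office 365 Tools and Open Services Attackers Use

By observing 4 million Office 365 accounts over 90 days, we were able to identify suspicious, high-risk behaviors associated with attacker techniques that abuse built-in Office 365 features.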

October 14, 2020 | By Vectra
Incident Response Maturity and the Roadmap to Success

Discover how maturity and capability can be defined and measured across the five stages of the maturity model based on the desired level of risk awareness.

October 13, 2020 | By Vectra
What We Saw in 90 days from 4 Million Microsoft Office 365 Accounts

Read the Office 365 Spotlight Report to learn about the primary cybersecurity threats that can lead to Office 365 takeovers and breaches.

October 13, 2020 | By Vectra
What We Saw in 90 Days from 4 Million Microsoft Office 365 Accounts

Vectra AI has released the 2020 Office 365 Spotlight Report. The report summarizes the main cybersecurity attacks against Office 365.

September 30, 2020 | By Vectra
Incident Response and the Need for Speed

A mature incident response process provides the benefit of faster response to reduce the amount of time an attacker has access to organization resources. Discover the metrics security teams can use to measure risk and mitigation.

September 29, 2020 | By Vectra
The Psychology Behind an Insider Threat

Analyzing the psychology of an insider threat case is a complex task because there is little evidence and scant public data about threat incidents. Develop an improved understanding of the mind of malicious insiders with the multiple life-stage model.

September 22, 2020 | By Vectra
Insider Threats: What to Look For and How to Respond

Evaluating risk factors is the first step in implementing an effective insider threat program. Learn why implementing preventative solutions like network detection and response can minimize financial loss and risk of a breach.

September 15, 2020 | By Vectra
The Two Types of Insider Threats

What danger do malicious and negligent insiders constitute and what kind of insider threats exist? Is your organization safe? Learn to spot the two types of insider threats.

August 5, 2020 | By Vectra
Using Vectra to Detect and Stop Maze Ransomware

Maze ransomware can spread across a corporate network, infecting computers it finds and encrypting data so it cannot be accessed. Learn what a Maze attack progression looks like and how you can defend against these types of threats.

July 28, 2020 | By Vectra
Vendor Collaboration in the Cybersecurity Industry is Essential (and Our Customers Deserve It)

We need more than just APIs. When security vendors truly collaborate and integrate their tools, we enable our customers’ security teams to further improve the agility, efficiency and efficacy of their security operations.

July 21, 2020 | By Vectra
Expertise That Unlocks the Potential within Your Security Operations

The newly announced Vectra services enable our customers to produce positive security outcomes, optimize security operations, and back up their teams when it matters most, with access to Vectra experts.

June 30, 2020 | By Vectra
The Sizable Risk of Cyber Well-being in Healthcare

Healthcare’s shift to the cloud is not new. However, COVID-19 has accelerated the roadmap for cloud adoption, leaving healthcare security teams in a reactive mode rather than staying proactive to head off the spread of potential attacks.

February 26, 2020 | By Vectra
Vectra + Sentinel One

Together, Vectra and Sentinel One lead to fast and well-coordinated responses across all resources, enhance the efficiency of security operations and reduce the dwell times that ultimately drive risk for the business.

February 25, 2020 | By Vectra
Cybereason Integration: Obtain Full Visibility and Faster Responses

Together, Cognito and Cybereason provide visibility into all enterprise environments, supporting hybrid, multi-cloud, or on-premises deployments with ease to combat today’s modern cyberattacks.

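February 25, 2020 | By Vectra
Cybereason Integration: Enabling Full Visibility and Fast Response

Together, Cognito and Cybereason provide visibility into all enterprise environments, including hybrid, multi-cloud and on-premises, making it easy to counter today's latest cyberattacks.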

February 11, 2020 | By Vectra
Vectra SaaS Detections – Office 365

With increasingly sophisticated threats, cyber-risk is becoming an escalating concern for organizations around the world. Data breaches through Office 365 lead the pack as 40% of organizations suffer from account takeovers despite the rising adoption of incremental security approaches like multi-factor authentication.

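February 11, 2020 | By Vectra
Vectra Product SaaS Support: Office 365

As increasingly sophisticated threats spread, cyber-risk is becoming a serious problem for organizations around the world.

Data breaches through Office 365 stand out, with as many as 40% of organizations suffering from account takeovers despite growing adoption of incremental security approaches such as multi-factor authentication.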

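December 17, 2019 | By Vectra
Dridex Resurfaces, Putting Credentials at Risk of Theft

With PAA, SOC teams can monitor for and defend against these types of attacks.

With the addition of a broad range of models that detect command-and-control channels, the Cognito platform is a powerful tool for organizations to counter evolving malware attacks.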

December 13, 2019 | By Vectra
Achieving Threat Hunting Consistency with the MITRE ATT&CK Matrix

Think about threat hunting using terms from the MITRE ATT&CK Matrix to frame the context and guide what you can and cannot see within your environment.

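December 13, 2019 | By Vectra
Achieving Consistent Threat Hunting with the MITRE ATT&CK Matrix

Identifying an adversary's objectives, techniques and tactics makes it possible to hunt for threats not as isolated activities but from the overall perspective of how the attacker is trying to achieve those objectives.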

December 3, 2019 | By Vectra
Vectra Integrates AI-driven Network Threat Detection and Response with AWS VPC Ingress Routing

Vectra now integrates with Amazon Virtual Private Cloud (VPC) Ingress Routing, and our AI platform is currently available in the AWS Marketplace.

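December 3, 2019 | By Vectra
Vectra AI Integrates Its AI-driven Network Threat Detection and Response Solution with AWS VPC Ingress Routing

For organizations to keep securely migrating high-value business data and services to the cloud, efforts to reduce cyber-risk as far as possible and increase system visibility are essential.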

November 19, 2019 | By Vectra
Conduct Faster, Context-driven Investigations into Active Cyberattacks with Vectra and Chronicle

The Cognito threat detection and response platform from Vectra now seamlessly integrates AI-based threat hunting and incident response of Chronicle Backstory, a global security telemetry platform, for increased context during investigations and hunts and greater operational intelligence.

November 11, 2019 | By Vectra
Automate Response and Speed Remediation with Swimlane and Vectra

That’s why we are happy to announce the integration of Vectra Cognito automated threat detection and response platform with the Swimlane security orchestration, automation and response (SOAR) platform.

November 4, 2019 | By Vectra
Forescout Integration: Gain Real-time Visibility and Automated Response

The integration of the Cognito network detection and response platform with the Forescout device visibility and control platform provides inside-the-network threat detection and response, a critical layer of defense in today’s security infrastructure.

October 28, 2019 | By Vectra
Check Point Integration: Gain Continuous Threat Visibility and Enforcement

The integration between the Cognito automated network detection and response platform and Check Point Next Generation Firewalls empowers security staff to quickly expose hidden attacker behaviors, pinpoint specific hosts involved in a cyberattack and contain threats before data is lost.

September 25, 2019 | By Vectra
RDP Attacks and the Organizations They Target

By analyzing data in the 2019 Black Hat Edition of the Attacker Behavior Industry Report from Vectra, we determined that RDP abuse is extremely prevalent in the real world. 90% of the organizations where the Cognito platform is deployed exhibited some form of suspicious RDP behavior from January to June 2019.

September 25, 2019 | By Vectra
RDP Attacks and the Organizations They Target

Analysis of data in Vectra AI's “2019 Black Hat Edition of the Attacker Behavior Industry Report” shows that RDP abuse has become very common in the real world. 90% of the organizations that have deployed the Cognito platform reported some form of suspicious RDP behavior between January and June 2019.

September 17, 2019 | By Vectra
CrowdStrike, Splunk and Vectra—a Powerful Triad to Find and Stop Cyberattacks

The combination of network detection and response (NDR), endpoint detection and response (EDR) and log-based detection (SIEM) allows security professionals to have coverage across threat vectors from cloud workloads to the enterprise.

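September 17, 2019 | By Vectra
CrowdStrike, Splunk and Vectra AI: A Powerful Three-Company Approach to Detecting and Stopping Cyberattacks

By combining network detection and response (NDR), endpoint detection and response (EDR) and log-based detection (SIEM), security professionals can cover the entire threat attack surface, from cloud workloads to the enterprise.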

September 9, 2019 | By Vectra
Privileged Access Analytics

Since the early days of Vectra, we’ve been focused primarily on host devices. After all, hosts are the entities that generate the network traffic the Cognito platform analyses in looking for attacker behaviors.

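September 9, 2019 | By Vectra
Privileged Access Analytics

Since its founding, Vectra AI has focused primarily on host devices. The reason is that the network traffic the Cognito platform uses to analyze attacker behavior ultimately originates from entities called hosts.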

August 7, 2019 | By Vectra
Ransomware Doesn’t Discriminate. It Only Cares about Money.

Modern ransomware has been heavily weaponized, has a sweeping blast radius and is a staple tool in the attacker’s arsenal. In a call to arms, cloud and enterprise organizations everywhere are scrambling to detect and respond early to ransomware attacks.

July 25, 2019 | By Vectra
Survival Guide: Being Secure at Black Hat 2019

Tens of thousands of hackers and security researchers congregate in Las Vegas to participate in one of the largest hacker conventions in the world. Many of them are out to hack your device and put you on the infamous Wall of Sheep.

July 23, 2019 | By Vectra
Notable Insights from the Gartner Market Guide for Intrusion Detection and Prevention Systems

Earlier this month, the Gartner Market Guide for Intrusion Detection and Prevention Systems that describes the market definition and direction of requirements that buyers should look for in their IDPS solution as well as the top use-cases that drive IDPS today.

July 16, 2019 | By Vectra
Encrypted Command and Control: Can You Really Cover Your Tracks?

Most sessions on the internet today are encrypted. By any measure, more than half of all internet traffic uses TLS to encrypt client/server communication.

June 20, 2019 | By Vectra
Threat Behaviors in the Attack Lifecycle

There are multiple phases in an active cyberattack and each is a perilous link in a complex kill-chain that gives criminals the opportunity to spy, spread and steal critical information in native and hybrid cloud workloads and user and IoT devices.

June 18, 2019 | By Vectra
Comparing Vectra and Verizon Threat Research

As the transformation of healthcare through new medical technology continues to move forward, healthcare organizations must remain mindful about what technologies are in place, how they are utilized, and when unauthorized actions occur.

June 4, 2019 | By Vectra
Lurking in the Shadows: The Top Five Malicious Lateral Spread Behaviors

As the threat landscape has evolved, the Vectra team has observed that a significant share of IT budgets is devoted to strengthening security teams and network perimeter protection. Organizations' goal is to improve threat detection and speed up alert triage.

May 27, 2019 | By Vectra
The Top 5 Lateral Movement Techniques

At Vectra, we are currently seeing organizations respond to developments in the threat landscape by committing ever larger budgets to expanding their security teams and extending perimeter protection. Behind this are their efforts to improve threat detection and accelerate triage.

May 21, 2019 | By Vectra
Not All Data is Created the Same

Vectra customers and security researchers respond to some of the world’s most consequential threats. And they tell us there’s a consistent set of questions they must answer when investigating any given attack scenario. Starting with an alert from Cognito Detect, another security tool, or their intuition, analysts will form a hypothesis as to what is occurring.

May 7, 2019 | By Vectra
Three Cornerstones of the SOC Nuclear Triad

Although NDR and EDR can provide perspective on this, NDR is more critical because it provides perspective where EDR cannot. For example, exploits that operate at the BIOS level of a device can subvert EDR.

April 30, 2019 | By Vectra
Why Network Metadata Is Just Right for Your Data Lake

The collection and storage of network metadata strikes a balance that is just right for data lakes and SIEMs. Metadata enables security operations teams to craft queries that interrogate the data and lead to deeper investigations.

April 30, 2019 | By Vectra
Visibility, Detection and Incident Response Support with a SIEM-less Architecture

When building their incident response program, security teams face a sizable challenge: striking the right balance between the need for visibility, detection and incident response on the one hand, and the cost and complexity of building and managing a functional, effective security stack on the other.

April 25, 2019 | By Vectra
Machine Learning: The Cornerstone of Network Traffic Analysis

Imagine a security tool that thinks exactly the way you teach it to think, and that acts at the right time and in the manner you have taught it. No more adapting your working habits to generic rules defined by someone else. No more wondering how to address the security gaps that those rules do not cover.

April 25, 2019 | By Vectra
Machine Learning: The Ideal Foundation for Network Traffic Analytics (NTA)

Machine learning, the cornerstone of network traffic analytics (NTA): this is technology that can act on your behalf to give you better insight into your infrastructure, to improve the performance of your threat detection, and to make it easier for you to come through truly critical threats in good shape.

Read More
April 5, 2019 | By Vectra
Threat Detection and Response with a SIEM-less Architecture

One of the major challenges in setting up a good incident response program is weighing the necessary improvements in network visibility, threat detection and effective response against the cost and complexity of building and operating a usable and effective security stack.

Read More
April 1, 2019 | By Vectra
Lurking in the Shadows: Top 5 Lateral Spread Threat Behaviors

When considering how to equip your security teams to identify lateral movement behaviors, we encourage the evaluation of the efficacy of your processes and tools to identify and quickly respond to the top 5 lateral movement behaviors that we commonly observe.

Read More
March 20, 2019 | By Vectra
Visibility, Detection and Response Using a SIEM-less Architecture

There is a new breed of SIEM-less security architecture that allows companies to leverage intelligent people with general IT experience to become the next-generation of security analysts.

Read More
November 1, 2018 | By Vectra
Most Attacks Against Energy and Utilities Occur in the Enterprise IT Network

The United States has not been hit by a paralyzing cyberattack on critical infrastructure like the one that sidelined Ukraine in 2015. That attack disabled Ukraine's power grid, leaving more than 700,000 people in the dark.

Read More
September 20, 2018 | By Vectra
Black Hat 2018 Conference Survey: Time and Skills Above All

The Black Hat conference is great. There is no better place to discover the reality of our industry, especially what really concerns information security professionals. Because we always want to be in step with our customers, it seemed to us that the Black Hat conference offered the ideal opportunity to ask them what matters to them.

We conducted the survey

To better understand what matters to our customers, we conducted a simple survey built around four questions at the Black Hat conference.

Read More
August 22, 2018 | By Vectra
2018 Black Hat Superpower Survey: It's About Time and Talent

We love Black Hat. It’s the best place to learn what information security practitioners really care about and what is the truth of our industry. Because we want to always be relevant to customers, we figured Black Hat is an ideal event to ask what matters.

Read More
August 8, 2018 | By Vectra
Cyberattack Detections from More Than 250 Vectra Customers with Over 4 Million Devices and Workloads

Recently, Vectra published the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which covers the period from January through June 2018. While there are plenty of threat-research reports out there, this one offers unique insights about real-world cyberattacker behaviors found in cloud, data center and enterprise networks.

Read More
July 11, 2018 | By Vectra
Breaking Ground: Understanding and Identifying Hidden Tunnels

Recently, we made an alarming discovery: hackers are using hidden tunnels to break into and steal from financial services firms! Clearly, this is serious business if it involves bad guys targeting massive amounts of money and private information. But what exactly are we dealing with? Let’s dig into what hidden tunnels are and how I find them to uncover the answer.

Read More
June 4, 2018 | By Vectra
Giving Incident Responders Deeper Context About What Happened

Cybersecurity analysts are overwhelmed with security events that need to be triaged, analyzed, correlated and prioritized. If you’re an analyst, you probably have some incredible skills but are being held back by tedious, manual work.

Read More
May 14, 2018 | By Vectra
Alarming Increase in Cryptocurrency Mining at Universities

While ransomware attacks such as NotPetya and WannaCry still dominated the headlines in 2017 and earned the attackers a lot of money, crypto mining was already quietly picking up speed: the heir to the throne of ransomware when it comes to opportunistic behavioral anomalies in IT networks with which cybercriminals seek financial gain.

The Reddit post reproduced below shows quite vividly the extent to which crypto mining is a problem for universities today. In some cases, enterprising students use high-end computers for mining; in other cases, they launch an entire army of botnets for the same purpose.

Read More
March 29, 2018 | By Vectra
The Alarming Surge in Cryptocurrency Mining on College Campuses

While ransomware attacks like NotPetya and WannaCry were making headlines (and money) in 2017, cryptocurrency mining was quietly gaining strength as the heir apparent when it comes to opportunistic behaviors for monetary gain.

Read More
February 27, 2018 | By Vectra
Human + Machine: In the Fight Against Cyber Threats

Time is money in the fight against cyberattacks. According to the Ponemon Institute, the costs associated with an information security breach average 3.62 million dollars. If the time to detect and contain an incident can be reduced, these costs can be significantly reduced or possibly even prevented.

Maturity and effectiveness are two of the most important measures of a SOC's performance. Maturity indicates the level of development an organization has reached in its approach to managing cybersecurity risk, which includes the degree of awareness of risks and threats, the repeatability of proven processes, and the adaptability to new threats. The effectiveness factor determines how well a SOC detects and responds to an incident once it occurs.

Read More
February 7, 2018 | By Vectra
Attackers Hijack Admin Tools for Espionage, Infiltration & Theft

In my last blog post, I wrote about a customer in the financial sector and its pen tests, and reported how I helped the defending team (blue team) catch the attacking team (red team) in the act.

Read More
January 30, 2018 | By Vectra
Your Admin Tools Are Being Exploited by Hackers

In my last article, I discussed a penetration test carried out by a customer in the financial sector. On that occasion, I explained how I had helped the security team detect the presence of a threat. I am back today with a new exercise from the field.

Read More
January 26, 2018 | By Vectra
Attackers Can Use Your Admin Tools to Spy, Spread, and Steal

In my last blog, I spoke about a financial customer performing pen testing and how I helped the blue team detect the red team as it carried out an attack. I’m back again today with another story from the trenches.

Read More
January 18, 2018 | By Vectra
Vectra Is the Only "Visionary" Vendor in Gartner's 2018 MQ in the IDPS Category

Vectra® is the only vendor named a "Visionary" in the Gartner 2018 Magic Quadrant in the Intrusion Detection and Prevention Systems (IDPS) category.

Read More
January 15, 2018 | By Vectra
Vectra Is the Only Visionary in the 2018 Gartner Magic Quadrant for IDPS

Gartner recently positioned Vectra® as the only "Visionary" in its 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS).

Read More
January 12, 2018 | By Vectra
Vectra Is Positioned as the Sole Visionary in the 2018 Gartner Magic Quadrant for IDPS

Vectra® was recently positioned as the sole Visionary in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS). Over the years, intrusion detection systems (IDS) have converged with intrusion prevention systems (IPS) and the two are now known collectively as IDPS.

Read More
December 11, 2017 | By Vectra
A Sinuous Journey Through ``tensor_forest``

The random forest (RF) model, first proposed by Tin Kam Ho in 1995, is a subclass of ensemble learning methods that is applied to classification and regression. An ensemble method constructs a set of classifiers—a group of decision trees, in the case of RF—and determines the label for each data instance by taking the weighted average of each classifier’s output.

Read More
May 16, 2017 | By Vectra
Vectra Detection and Response to WannaCry Ransomware

Vectra Threat Labs analyzed the WannaCry ransomware to understand its inner workings. They learned that while the way it infects computers is new, the behaviors it performs are business as usual.

Read More
May 13, 2017 | By Vectra
Fighting the Ransomware Pandemic

A ransomware attack is spreading very rapidly among unpatched Windows systems worldwide. This morning, the attack was initially believed to target the UK National Health Service, but throughout the day, it has become apparent this is a global attack.

Read More
February 9, 2017 | By Vectra
Splunk Integration: A Deep Dive into the Adaptive Security Architecture

Integration decreases cost and increases effectiveness. For this reason, Vectra is adaptive by design. Everything we do considers how to help our customers be more efficient and faster at fighting attacks. Sometimes it involves determining where to deliver sophisticated threat intelligence beyond the Vectra. Working with Splunk is a great example of this integration.

Read More
February 7, 2017 | By Vectra
An Analysis of the Shamoon 2 Malware Attack

In 2012, Shamoon crippled Saudi Aramco and this new variant was reportedly targeted at the Saudi labor ministry as well as several engineering and manufacturing companies. During a recent analysis, Vectra Networks came across a malicious component that appears to be used in conjunction with spear-phishing-delivered malicious documents.

Read More
February 2, 2017 | By Vectra
What’s an Adaptive Security Architecture and Why Do You Need It?

As long as I can recall, enterprises have always relied on prevention and policy-based controls for security, deploying products such as antivirus software, IDS/IPS and firewalls. But as we now know, and industry research firms have stated, they aren’t enough to adequately deal with today’s threat environment, which is flooded by a dizzying array of advanced and targeted attacks.

Read More
January 17, 2017 | By Vectra
Security Automation Isn't AI Security

In the Information Security (InfoSec) community, AI is commonly seen as a savior—an application of technology that will allow businesses to more rapidly identify and mitigate threats, without having to add more humans. That human factor is commonly seen as a business inhibitor as the necessary skills and experience are both costly and difficult to obtain.

Read More
January 11, 2017 | By Vectra
The UEBA Market Will Be Gone by 2022

This is a prediction made by Gartner analyst Avivah Litan in her latest blog entry, The Disappearing UEBA Market. Of course it caught our attention here at Vectra. We are not a standalone UEBA company, nor do we want to be. First and foremost, we are an AI company that empowers threat hunters. But we often find ourselves in this discussion with people who believe UEBA alone will solve the world's problems (and possibly make coffee in the morning, too).

Read More
December 15, 2016 | By Vectra
Encrypt Everything. Don’t Let Security Be the Reason You Don’t (and Attackers Do)

Enterprises have a strategy to encrypt everything. With this encryption however, attempts to perform SSL decryption mean there will be large volumes of encrypted data to process.

Read More
October 26, 2016 | By Vectra
Moonlight – Targeted Attacks in the Middle East

Vectra Threat Labs researchers have uncovered the activities of a group of individuals currently engaged in targeted attacks against entities in the Middle East. These attacks are themed around Middle Eastern political issues and the motivation appears to relate to espionage, as opposed to opportunistic or criminal intentions.

Read More
September 28, 2016 | By Vectra
Exploiting the Firewall Beachhead: A History of Backdoors into Critical Infrastructure

Sitting at the edge of the network and rarely configured or monitored for active compromise, the firewall today is a vulnerable target for persistent and targeted attacks.

Read More
July 12, 2016 | By Vectra
The New Vulnerability that Creates a Dangerous Watering Hole in Your Network

Security researchers with Vectra Threat Labs recently uncovered a critical vulnerability affecting all versions of Microsoft Windows reaching all the way back to Windows 95. The vulnerability allows an attacker to execute code at system level either over a local network or the Internet. As a result, attackers could use this vulnerability both to infect an end-user from the Internet, and then spread through the internal network.

Read More
March 30, 2016 | By Vectra
Canary in the Ransomware Mine

Ransomware is clearly the scourge of 2016. Every week there is a new and notable enterprise-level outbreak of this insidious class of malware—crippling and extorting an ever widening array of organizations.

Read More