Vectra Introduces Detect for AWS: Threat Detection and Response for IaaS and PaaS

June 16, 2021
Vectra AI Security Research team
Vectra Introduces Detect for AWS: Threat Detection and Response for IaaS and PaaS

The rise of DevOps along with the use of Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) have been foundational as IT teams head for cloud-native architectures as a solution to handle today’s always-connected businesses. Yet as cloud providers continue to answer the bell with speed, agility and the productivity many teams can’t live without—security leaders are often left scrambling for ways to make sure everything remains safe.

Much of the uncertainty surrounding Amazon Web Services (AWS) cloud security is due to the fact that public cloud environments are now so complex that deploying cloud applications securely at this point is impossible. Gartner even states that through 2025, 99% of cloud security failures will be the organizations’ own fault.

So, where does that leave us? Well, we need to accept that contorting legacy on-prem security into an entirely different infrastructure creates a false sense of security. Let’s look at what happens when a service gets moved the cloud—in this case, creating a database for an office badging system:

Just with this basic example, it’s easy to see how AWS can greatly simplify a deployment, which provides the customer with exactly what they want—increased speed and agility. However, what’s lost here is visibility and how the customer is now more reliant on the cloud provider. The lack of visibility is what nightmares are made of for security teams because this siloed approach for detecting threats in the hybrid cloud leaves you blind to compromised users, accounts, roles and abuse of misconfigurations which all raise the risk level.

It’s important to remember that cloud providers are great at meeting availability demands and providing a quality service, but when it comes to detecting AWS threats in your environment—let’s make sure all your bases are covered.

Introducing Vectra Detect for Amazon Web Services

Detect for AWS provides organizations with rapid threat detection and response for IaaS and PaaS to reduce the risk of AWS services being exploited. You get alert prioritization and automated response to attacks targeting AWS applications, users, compute and storage instances at runtime—without causing alert fatigue. Vectra has uniquely focused on the AWS control plane to detect attacks, regardless of if they target the resources individually or the AWS instance itself.‍

Let’s see how Detect for AWS will help keep your cloud deployments safe.

Rapidly detect threats against AWS infrastructure, IaaS and PaaS without signatures or outdated static policy rules

As we’ve highlighted, the great agility gained often equals a lack of visibility as a tradeoff when or if apps become attack targets. Keep in mind that signatures and static policy rules can be easily evaded by attackers. Detect for AWS secures applications and your AWS services with agentless threat detection that prioritizes attacks without relying on signatures or static policy rules, so you can deploy and scale cloud applications while keeping them secure.

Reduced risk of cloud services being exploited

There is not enough people or time to configure your cloud securely due to the sheer size and scale coupled with continuous change. Detect for AWS sees what others miss such as account creation, account changes and how different services are being used. Then it prioritizes attacks across the AWS ecosystem without relying on agents or static policy rules.

Legacy operations and security practices don’t translate well to the public cloud, and the cloud surface area that needs to be protected and audited is constantly changing. By using the cloud-native Vectra Detect for AWS, you see the earliest possible signs of attacks—from reconnaissance to lateral movement through exfiltration, so you can see and stop attacks before they cause damage.

Automate attack response for applications running on AWS

Because manual attack response isn’t a realistic option, Detect for AWS secures your global AWS environment, and automatically responds in real-time using native capabilities in AWS Security Hub. This allows you to mitigate threats without disrupting normal operations of your deployments, which is the whole reason you’re there in the first place.

When investigation is needed, Vectra’s patented AI prioritizes security events so you know where to spend time, and you’ll also receive detailed instructions on how to fix any issues. Vectra understands accounts, roles and permissions, which then helps take enforcement actions by locking down the credentials that are used in an attack.

Regardless of whether you’re enabling teams for remote operations or launching new applications for a more productive environment—it shouldn’t be an impossible task to gain the visibility you need spot and stop attacks. And if we take what Gartner says to heart about how the future of cloud security failures will fall on the organization—perhaps it’s time to think about how we go about owning that responsibility.

To get a head start, join us on June 23 along with Andras Cser, VP and Principal Analyst at Forrester Research for the webinar Demystifying Cloud Security: Threat Detection and Response for IaaS & PaaS.