Protecting Cloud Users and Data Across the Entire Network with Expanded Cloud Services

November 18, 2020
Vectra AI Security Research team
Protecting Cloud Users and Data Across the Entire Network with Expanded Cloud Services

Private and trusted networks are obsolete. Workloads have shifted from clients, servers, and endpoints to the public cloud making it more essential than ever to protect your cloud users and data. Network proliferation has created a network comprised of cloud application and services, IoT devices, as well as your data center and enterprise network. Across the network, identity has become the perimeter.

This new perimeter cannot be protected by legacy network security that relies on signatures and anomaly detection. Increasing numbers of remote workers and the legions of IoT devices that access corporate networks make both traditional network security solutions like intrusion detection and prevention systems (IDPS)  and endpoint detection and response (EDR) blind to cloud data and activity.

In a new study conducted by 451 Research, part of S&P Global Market Intelligence, 57% of enterprises reported that they’ve either already deployed or are implementing hybrid cloud environments that blend on-premises systems with cloud-based services.

Vectra uniquely protects the entire network of cloud, hybrid, and enterprise connectivity with our AI-derived machine learning behavioral models that understand the behaviors of hosts, user accounts, and identities—tracking and stopping attackers early in the attack lifecycle.

Securing data in cloud environments

Current security approaches lose visibility when environments expand to the cloud, where users leverage multiple different accounts and access resources from shadow IT devices. Historically, users and hosts were on-premises in the enterprise and subject to strict controls.

The enhanced capabilities from Vectra illustrate, track, and link all host and account interactions between the cloud and enterprise under one consolidated view to dramatically reduce the risk of a data breach and protect your cloud data.

The rise of targeted account-credential attacks negates email security, multi-factor authentication (MFA), cloud access security brokers (CASBs), and other threat-prevention approaches that are designed to protect users. These malicious account-credential attacks look like legitimate user actions to these threat-prevention approaches.

Vectra detects attacks by analyzing the trail of how hosts, user accounts, and workloads are accessed. By leveraging data from both identity provider (IdP) services such as Azure AD and cloud applications like Office 365, Vectra’s patented machine learning models detect attacker behaviors as early as possible during the attack lifecycle

The Cognito network detection and response (NDR) platform from Vectra seamlessly integrates with software as a service (SaaS) applications like Office 365, infrastructure as a service (IaaS) providers, and cloud virtualization platforms, giving visibility into who is accessing it, regardless of how and where.

Only the Cognito NDR platform can detect and stop threats across the entire network whether that’s cloud-based SaaS applications, data center, IoT devices, as well as hybrid and enterprise environments. Its detection capabilities—combined with native integrations to disable accounts and isolate endpoints and workloads—allow security teams to swiftly stop any attacks in the whole network before a data breach occurs.

If you want to see all this for yourself, you can get a demo here.