Today we’re thrilled to announce that Microsoft has partnered with Vectra deliver key Zero Trust security capabilities for Microsoft 365 and Microsoft Azure customers.
Vectra is uniquely positioned as an integral part of the zero trust security model which assumes breaches by investigating the behavior of users, workloads, networks, and devices as though they originate from an untrusted network by leveraging analytics and understanding of users and accounts, tracking them between on-premises and cloud.
Trust us with Zero Trust security
Since cloud applications and a mobile workforce have redefined the security perimeter, and corporate resources and services now often bypass on-premises, perimeter-based security models that rely on network firewalls and VPNs have become obsolete.
To address this, Microsoft developed the Zero Trust Maturity Model to adapt to the complexities of modern environments effectively. With the integration of the Vectra Cognito Platform, customers will have access to AI-powered threat detection to monitor and verify the communications to their business-critical applications.
The Cognito Platform uses AI to efficiently find and prioritize hidden attacks in real-time inside Microsoft Office 365, Azure AD, cloud, data center, Internet of things (IoT), and enterprise networks before attackers cause irreparable harm to the organization. The platform allows security teams to prevent attacks earlier in the kill chain, ensuring that applications essential to business continuity are available and accessible for the entire extended workforce.
Zero Trust Security Framework’s guiding principles
As a component of the Zero Trust Security Framework, Vectra will help deliver visibility and analytics on the framework’s three guiding principles:
1. Verify explicitly
Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies.
2. Use least privileged access
Limit user access with Just-in-Time and Just-Enough(JIT/JEA), risk-based adaptive polices, and data protection to protect both data based adaptive polices, and data protection to protect both data and productivity.
3. Assume breach
Minimize blast radius for breaches and prevent lateral movement by segmenting access by network, user, devices, and application awareness. Verify all sessions are encrypted end to end. Use analytics to get visibility, drive threat detection, and improve defenses.