 back to blog

Securing Your AWS Workloads with Vectra Cognito

Gareth Bradshaw
Senior Product Manager & Technology Strategist
June 25, 2019
Please note that this is an automated translation. For the most accurate information, refer to the original version in English.

Today, Amazon Web Services (AWS) unveiled Amazon VPC traffic mirroring that allows customers to gain insight into the network traffic across their virtual private cloud infrastructure for content inspection and threat monitoring.

At the same time, Vectra announced a close-knit development partnership with Amazon, beginning with the integration of its Cognito platform in AWS environments.

These announcements are timely. Digital transformation is driving enterprises to rapidly enter the next chapter of cloud. Six out of 10 enterprises already use infrastructure-as-a-service today. Of those, half run production workloads in their cloud infrastructures. Companies are looking to rapidly capture favorable business models, dynamic scaling, high availability, and streamlined management that public clouds deliver.

Yet, moving workloads to the cloud doesn't automatically make them more secure—it merely shifts the scope of required security work. Broadly speaking, Vectra commonly observes enterprises at two different phases of their infrastructure cloud journey: Hybrid /or native cloud deployments.

Hybrid cloud

Attackers often follow the path of least resistance by initially exploiting human behavior or longstanding infrastructure vulnerabilities. Long before attackers reach a virtual workload, they will have already compromised an end-user device and stolen administrative credentials.

As a result, cloud infrastructures often encounter cyberthreats in the more advanced phases of attack, such as internal reconnaissance, lateral movement, and data exfiltration. So rather than focusing on the initial exploit, it is important to focus on detecting attackers who already compromised the perimeter and are inside the infrastructure.

Native cloud

Nearly four in 10 organizations plan to move to a cloud-first approach when deploying new applications. Many of these applications will forgo any on-premise footprint. In these scenarios, traditional perimeter tools fail in cloud environments and the dynamic, multi-tenant nature of the cloud introduces new attack behaviors and techniques, making it difficult to detect and respond.

To gain visibility into cloud environments, enterprises will be able to rely on the Cognito platform from Vectra to find hidden threats quickly, empower threat hunters, and speed-up incident response to avert data loss in AWS environments. The Cognito platform can now be deployed in native and hybrid cloud environments as well as on-premises environments. Cybercriminals who target cloud workloads can no longer hide their malicious behaviors.

To learn more, please visit Booth 333 at Amazon reinforce or see our AWS/Vectra integration page https://www.vectra.ai/attack-surface/aws for more information.

Want to learn more?

Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.

Get in touch