Attackers intent on stealing personally identifiable information (PII) and protected health information (PHI) can easily exploit gaps in IT security policies and procedures to disrupt critical healthcare-delivery processes.
Welcome to the Vectra Blog

Blog posts

After obsessing for years over pushing the limits with AI to detect cyberattacker behavior, Vectra is proud to hold the most patents referenced in MITRE D3FEND.
There should be fresh scrutiny of SaaS subscription relationships and the security policies of managed service providers; you're only as secure as your provider.

Vectra is a key contributor to the new CEPS report on the technology, governance and policy challenges of AI and cybersecurity, which supports Vectra's mission to make the world a safer and fairer place.

A new remote code execution vulnerability in Windows Print Spooler, now known as CVE-2021-1675, or PrintNightmare, can be exploited by attackers to take control of affected systems. Find out how to detect and stop this exploit with Vectra.

The rapid shift to cloud-everything left users and apps vulnerable to security threats across all environments. Andras Cser from Forrester joined Joe Malenfant and Gokul Rajagopalan from Vectra to discuss cloud trends among organizations.
As SOC 1.0 remains the norm for many organizations, this way of doing things does have its challenges. See why more organizations are updating their approach in an effort to spot attacks faster while benefiting from cost savings.

The DarkSide ransomware-as-a-service (RaaS) group provided hackers with a convenient way to extort money from organizations after access was gained. Here are five things you need to know about this prominent cybercriminal group.

What makes threat detection so challenging? We answer that question and provide expert insight around our latest Spotlight Report, Vision and Visibility: Top 10 Threat Detections for Microsoft Azure AD and Office 365.

As cloud adoption continues to accelerate, the next generation of modern attacks will traverse through and towards an enterprise's cloud control plane. Learn why this risk should not be underestimated.
Supply chain attacks represent an appealing opportunity for attackers. See why this type of attack is gaining in popularity and what defenders need to know to keep their organization safe.

In our latest Spotlight Report, see how the Top 10 Threat Detections seen across Microsoft Azure AD and Office 365 allow security teams to detect infrequent behavior that is abnormal or unsafe across their environments.

We're excited to announce a new integration with Zscaler! Find out how this integration with Cognito Detect provides end-to-end access visibility and protection for remote workers and business-critical applications.

Just a week after the Colonial Pipeline was shut down due to ransomware, attackers are at it again. It's now being reported that Ireland's health service shut down its IT systems and a company in Germany had to fork out a $4.4 million ransom on the same day.

Cyberattacks are hitting the headlines around the world and there seems to be no end to the noise the attacks are making. We dive into what an organisation should do to avoid being breached.
The Vectra Cognito Azure AD Privilege Anomaly Detection is a radical step forward in detecting account takeover events targeting Azure AD to gain access to mission-critical SaaS applications. With it, teams are alerted and attacks can be stopped before they cause harm.

Every year, this global retail giant in the beauty industry failed to pass red team exercises, until they deployed Vectra. Get the full story on how they use the Cognito platform to pass red team testing and ensure the overall security of their data.

Network and endpoint defense technologies will have to either rapidly update signatures or use other investigative ways to detect command and control (C2). Uncover how threat actors evade security tools to execute C2 techniques and learn what you should look for.

We're excited to announce extended EDR native integration support in the Cognito platform! Find out how you can benefit from these simple, seamless integrations for comprehensive coverage across the enterprise, IoT devices, hybrid cloud, and cloud environments.

For us at Vectra, equality and inclusivity are key components of our culture. This International Women's Day, we want to celebrate the women in cybersecurity and highlight the opportunities available in the industry.
Find out how Vectra's native integrations with Microsoft and AWS enable security teams to automatically contain events directly from the Cognito platform.

Vectra is honored that CRN has recognized the Vectra Partner Program with its prestigious 5-Star Partner Program Rating. We couldn't be more thrilled about this award and our amazing partner community.

Account takeovers and identity-based attacks are on the rise, with Microsoft Office 365 at the heart of these threats. Find out what concerns are top of mind for IT decision makers when it comes to Office 365 security and protecting data in the cloud.

Speed is a key ingredient to successful containment, but switching between security solutions, finding the host or policy you want, and applying it all takes time. Vectra enables security teams to enforce directly in the platform, saving valuable time for security operations.

Despite 71% of organizations suffering malicious SaaS account takeover, 90% are still accelerating cloud adoption. Surprising? Maybe not. Read on as this blog distills the takeaways from mid-sized and large Office 365 enterprises.
We're excited to announce that Detect and Recall have successfully achieved SOC 2 Type 2 compliance. Find out how this milestone further ensures the security and confidentiality of our customers' and partners' data.

Announcing extended coverage of Vectra in your entire AWS cloud footprint using the new AWS traffic mirroring capabilities on EC2 instances based on the popular Xen platform.

The Hafnium campaign is targeting Microsoft Exchange Servers by leveraging several zero-day exploits, allowing attackers to bypass authentication, including MFA, to access e-mail accounts. Read more about how to detect and stop the attack with Vectra Cognito.

Vectra researchers have dissected the SolarWinds supply chain compromise from the initial backdoor to the establishment of persistent access in the data center and cloud environments. A specific focus is provided for Microsoft Office 365, which appears to have been a key target.

Vectra announces extended support for Azure AD in Cognito Detect for Office 365. Find out how this increased coverage can secure users' cloud identities and reduce the consequences of supply chain attacks.
CRN® has named Jessica Couto, VP of Channel, Americas, at Vectra AI, to its 2021 list of Channel Chiefs. The prestigious CRN® Channel Chiefs list, released annually, recognizes prominent leaders who demonstrate exceptional leadership, vision, and commitment to their channel partner programs.

As witnessed in the SolarWinds attack, compromising a single Azure AD account gives an attacker access to multiple SaaS apps, including Microsoft Office 365. This single point of access has made it critical for organizations to be able to detect and respond to attacks originating from Azure AD.

The pandemic has made threat actors eager to exploit information about COVID-19. Find out how an ordinary LinkedIn message set off a chain reaction that escalated into a widespread, sophisticated attack at one of the world's leading pharmaceutical companies.

Learn how Command and Control (C2) frameworks are continuing to evolve in order to evade detection. Here we will examine a method known as JA3 signature randomization.

In 2020 we got a glimpse of just how much AI is beginning to penetrate everyday life. However, practical applications raise important questions about the ethical use of AI. In this blog, we reflect on the biggest stories in AI from last year.
Learn from Vectra CRO, Marc Gemassmer, what makes the SolarWinds hack unique among breaches and how network detection and response can help remediate similar attacks in the future.

Learn why a successful implementation of a Zero Trust Architecture requires a modern network detection and response solution that can collect metadata about encrypted traffic without relying on the overhead of agents.

As our reliance on technology grows, so does the need for robust cybersecurity to protect users and keep data and business operations safe.

The number of threats targeting Office 365 users and other similar platforms will undoubtedly continue to grow in 2021. Learn from our CTO, Oliver Tavakoli, what your company can do to prepare for the rise of targeted SaaS threats in 2021.

With Adobe Flash officially marking its end-of-life on Jan. 1, 2021, assessing Flash usage is imperative to prevent attacks through that avenue. Cognito Recall from Vectra now has a Flash dashboard to help organizations decommission Flash across their networks.
Discover how the new security insights feature in the Vectra Cognito network detection and response platform eliminates the need for analysts to pivot between tools and provides additional insights related to attacker detections.

Discover what you need to know about the SolarWinds Orion compromise, how it unfolded and why monitoring users in the cloud is imperative to protect your enterprise.

Discover new learnings from the FireEye breach, including the objectives of the stolen tools, how those tools would present on the network, and how behavior-based detection can identify their use in an attack.

Most solutions today provide siloed views of an account, making it impossible to track attack progression across the cloud and network, except ours. We're excited to release a unified view of an account, one that tracks attacker behaviors across network and cloud.
With more than 200 million monthly subscribers, Office 365 is a rich target for cybercriminals. Learn why MFA no longer stops attackers in this new cybersecurity landscape, but network detection and response can.

Vectra CTO Oliver Tavakoli looks back on a disruptive 2020 and shares his view of what 2021 holds for security practices.

Learn how Vectra protects users and data beyond the traditional network by detecting malicious intent and tracking and stopping attackers who move between cloud, hybrid, and enterprise environments, ultimately reducing the risk of breach.

"Ransomware operators" are rational economic entities that have evolved their tactics to optimize their ill-gotten financial returns. Their behavior changes mean detection and response approaches must change too.

The goal of an efficient incident response process is to free up security analysts' time to focus on higher-value work that requires critical thinking. Learn how automation can be applied to a detection and response process.
Learn from Principal Research Analyst Eric Hanselman of 451 Research how the combination of the right data and the right analytics can help security teams secure what is an important resource for the modern enterprise.

Vectra research highlights how attackers are using built-in tools and services to attack Office 365. We examine two such attacks that were detected and thwarted by organizations protected by Cognito Detect for Office 365.

The National Institute of Standards and Technology (NIST) publication on Zero Trust Architecture (NIST SP 800-207) relies heavily on continuous and accurate monitoring. Find out why network detection and response (NDR) is a required component.

If you are in security operations, have you ever wondered how long it will take before use cases and playbooks are ready or prove their value to your organization?

When you factor in how long it takes to discover a data breach, it suggests that healthcare is losing the battle. Discover a fundamental approach being advocated by a growing number of healthcare security professionals.
Attackers are using legitimate tools built into Microsoft Office 365 to perform reconnaissance, move laterally, and extend their attacks. Our Spotlight Report on Office 365 identifies what they're up to and where you should be looking.

Learn more about how Vectra's new Detect Lockdown feature, made possible by integrating with CrowdStrike Falcon Insight Endpoint Detection and Response (EDR), enables you to automatically thwart cyberattackers at the device level.

We're excited to announce a partnership with Fortinet to integrate the Cognito Platform and FortiGate next-generation firewalls to detect, respond to, and block cyberattacks in cloud, data center, IoT, and enterprise networks.

Asset management is one of the toughest challenges IT organizations can face. Discover why the ability to detect threats early on the network is better than ranking your critical systems.
A mature incident response process provides the benefit of faster response, reducing the amount of time an attacker has access to organization resources. Discover the metrics security teams can use to measure risk and mitigation.

Analyzing the psychology of an insider threat case is a complex task because there is little evidence and scant public data about threat incidents. Develop an improved understanding of the mind of malicious insiders with the multiple life-stage model.

Gregory Cardiet, technical leader for Vectra, shares his thoughts and experiences on why enterprises are increasingly integrating network detection and response (NDR) as a core element of their security operations visibility capabilities.

We're delighted to announce a new integration between our Cognito platform for NDR and the cPacket Networks visibility solution. The combined techniques provide robust security-response capabilities that track the source, target, and method of attack.

Evaluating risk factors is the first step in implementing an effective insider threat program. Learn why implementing preventative solutions like network detection and response can minimize financial loss and risk of a breach.
The recent ZeroLogon (CVE-2020-1472) vulnerability allows an attacker to gain Domain Admin credentials. The Vectra AI/ML models are designed to detect attacks regardless of tools or signatures and alerted on ZeroLogon even before it was announced.

Learn why the SOC visibility triad is a better way to gain full visibility into threats and why Vectra is critical to help provide that visibility.

During a merger and acquisition, there are several critical cybersecurity challenges to overcome and manage. Vectra can help speed up due diligence and integration by automating threat hunting and prioritizing detected threats based on certainty and risk.

With the advent of AI, managed security service providers (MSSPs) have a huge opportunity to improve 24x7 network threat detection, response and visibility while augmenting their understanding of security events.
The ultimate goal of most insider attacks is to steal data. Just one insider threat incident can cost your organization up to $3 million. Learn when disclosure is protected and how to stay ahead of malicious attacks in this blog.

The problem of detecting an insider threat before it happens is as difficult to solve as predicting human behavior itself. Discover how applying a data science approach to detection can reveal clues to catch known and unknown attackers across your enterprise.

Discover in this blog why many organizations are struggling with the burden of maintaining IDPS deployments and how security teams can instead concentrate on detecting and mitigating active threats inside the network with network detection and response.

See the certificates in your network that are actively in use, those that are about to expire and ones that have already expired in the new dashboard in Cognito Recall.

Learn how IDPS is ill-equipped to detect what is known as lateral movement, east-west traffic, or simply attackers moving around inside your deployments, due to its reliance on signatures and its placement at the network perimeter.
Consider getting rid of IDPS and the noise it creates and check out detecting and stopping cyberattacks using NDR. Free up your security analysts to focus on investigations and threat hunting instead of tweaking signatures.

AI-based detections are great at identifying attacker behaviors, while threat intelligence provides fast, labeled coverage of known threats. Adding threat intelligence extends the coverage of AI-based detections to give you the most durable coverage and early understanding of threats.

Maze ransomware can spread across a corporate network, infecting computers it finds and encrypting data so it cannot be accessed. Learn what a Maze attack progression looks like and how you can defend against these types of threats.

We need more than just APIs. When security vendors truly collaborate and integrate their tools, we enable our customers' security teams to further improve the agility, efficiency and efficacy of their security operations.

The newly announced Vectra services enable our customers to produce positive security outcomes, optimize security operations, and back up their teams when it matters most, with access to Vectra experts.
Battista Cagnoni examines how you can mature your Security Operations Center (SOC) using processes for reactive threat detection and proactive threat hunting.

Privileged access is a key part of lateral movement in cyberattacks because privileged accounts have the widest range of access to critical information, making them the most valuable assets for attackers. The recent Twitter hack compromising several high-profile accounts is another stark example.

Our integration with Microsoft Defender ATP lets you perform Host Lockdown on Microsoft Defender ATP hosts.

At Vectra, our partners are integral to the way we go to market, and we want to assure you that we are committed to the mutual success of our relationship.

Healthcare's shift to the cloud is not new. However, COVID-19 has accelerated the roadmap for cloud adoption, leaving healthcare security teams in a reactive mode rather than staying proactive to head off the spread of potential attacks.
Learn why Microsoft Power Automate is great for Office 365 users, but why it's terrifying for security professionals.

MFA is a great step to take, but there are always ways around preventive controls. One of the well-known MFA bypass techniques is the installation of malicious Azure/O365 OAuth apps. Learn why you need to implement detection-based solutions.

The long-awaited Gartner Market Guide for Network Detection and Response (NDR) has been released and there are a few critically important things we believe you should note before diving into the document and the redefined category.

Vectra announces a partnership and deep product integration with Microsoft Defender for Endpoint (EDR) and Microsoft Azure Sentinel (SIEM) to further our extensive partner ecosystem and allow our customers to leverage the tools they already are using.

Attack tools and techniques can change over time, but attack behaviours remain a stable indicator of attackers within the network. Using attack behaviour as a high-fidelity signal allows you to take action quickly to stop attacks or prevent further damage.
The recent Microsoft announcement on “Volt Typhoon” activity brings the reality of persistent threat actors back into the spotlight.

Looking for an alternative to Darktrace? See why 9 in 10 customers choose Vectra AI, the top Darktrace alternative powered by Attack Signal Intelligence.

Attacker techniques are dictated by the characteristics of the tech stack. So what is the approach needed to defend cloud systems?