We are happy to announce Vectra’s Account Lockdown, extending the efficiency of your security operations. Account Lockdown from Vectra allows for immediate, customizable account enforcement via Active Directory integration. You can now surgically freeze account access and avoid service disruption by disabling accounts rather than your network. By disabling an attacker's account, you can limit attacker progression along the killchain. This gives your SOC analysts time to conduct a thorough investigation, knowing that they have contained the blast radius of an attack by limiting the use of account-based attack vectors.
Account Lockdown, that can be performed manually by an analyst or automatically on an analyst's behalf. Manual Account Lockdown allows the analyst to disable a network account during the course of a security investigation with a one-click button action. Automatic Account Lockdown provides automated enforcement, giving you a temporary remediation action whenever your SOC personnel are not available to take immediate action.
Account Lockdown utilizes a configurable set of thresholds, namely Observed Privilege, account Threat and Certainty scores. These high-fidelity signals take advantage of Vectra's Privilege Access Analytics detection suite, which assist in identifying misused or stolen account credentials based on observation privilege, rather than granted privilege. Account Lockdown's identity-based level of enforcement provides the most granular, surgical remediation action you can take against an attacker.
This builds on a platform that is optimized for your response workflows:
Up-level your SOC efficiency while buying them precious time to investigate and protect your network with Account Lockdown from Vectra. Contact us to learn more.
Jose Malacara is a senior product manager at Vectra. He is an AWS Certified Solutions Architect and has over 18 years of broad technology experience, drawing on his many years working in various product management, sales and network engineering roles building and supporting cloud applications for companies like FATHOM, Rackspace and ANX.