Securing your AWS workloads with Vectra Cognito

Gareth Bradshaw
June 25, 2019

Today, Amazon Web Services (AWS) unveiled Amazon VPC traffic mirroring, which gives customers insight into the network traffic across their virtual private cloud infrastructure for content inspection and threat monitoring.

At the same time, Vectra announced a close-knit development partnership with Amazon, beginning with the integration of its Cognito platform in AWS environments.

These announcements are timely. Digital transformation is driving enterprises to rapidly enter the next chapter of cloud. Six out of 10 enterprises already use infrastructure-as-a-service today.

Of those, half run production workloads in their cloud infrastructures. Companies are looking to rapidly capture favorable business models, dynamic scaling, high availability, and streamlined management that public clouds deliver.

Yet moving workloads to the cloud doesn't automatically make them more secure – it merely shifts the scope of required security work. Broadly speaking, Vectra commonly observes enterprises at two different phases of their cloud infrastructure journey: hybrid or native cloud deployments.


Attackers often follow the path of least resistance by initially exploiting human behavior or longstanding infrastructure vulnerabilities. Long before attackers reach a virtual workload, they will have already compromised an end-user device and stolen administrative credentials.

As a result, cloud infrastructures often encounter cyberthreats in the more advanced phases of attack, such as internal reconnaissance, lateral movement, and data exfiltration. So rather than focusing on the initial exploit, it is important to focus on detecting attackers who have already compromised the perimeter and are inside the infrastructure.

Native cloud

Nearly four in 10 organizations plan to move to a cloud-first approach when deploying new applications. Many of these applications will forgo any on-premises footprint. In these scenarios, traditional perimeter tools fail, and the dynamic, multitenant nature of the cloud introduces new attack behaviors and techniques that are difficult to detect and respond to.

To gain visibility into cloud environments, enterprises will be able to rely on the Cognito platform from Vectra to find hidden threats quickly, empower threat hunters, and speed up incident response to avert data loss in AWS environments.

The Cognito platform can now be deployed in native and hybrid cloud environments as well as on-premises environments. Cybercriminals who target cloud workloads can no longer hide their malicious behaviors.

To learn more, please visit Booth 333 at Amazon re:Inforce or see our AWS/Vectra integration page for more information.

About the author

Gareth Bradshaw

Gareth Bradshaw is the senior product manager & technology strategist at Vectra AI. Before joining Vectra, he was a senior program manager at Microsoft, where he was responsible for the DNS resolution services at the heart of Microsoft Azure. Prior to Microsoft, he was a research and development manager at Agilent Technologies. He received a B.A. with first-class honors in computer science and a Ph.D. in computer graphics from Trinity College Dublin.
