Threat Detection and Response for Banks and Insurers

How Financial Institutions can stop cyberattacks

See Threats. Stop Breaches. Maintain Compliance

The AI-powered Cognito NDR platform from Vectra enables security teams in financial services institutions (FSIs) to identify and respond faster to hidden threats. Vectra helps FSI security leaders reduce the risk of a breach, improve the efficiency of their security operations, help to ensure compliance, and extend cybersecurity into the cloud.

Vectra's Value to Financial Services Institutions

Tools and training to find penetration tests and attackers

Regulatory assessment tools such as the UK’s CBEST, the European TIBER-EU, the USA’s Federal Financial Institutions Examination Council (FFIEC) and New York State Department of Financial Services (NYSDFS) cybersecurity regulations and frameworks take an intelligence-led approach to identifying salient threats to FSIs, and require them to demonstrate, through independently delivered penetration testing, the ability to protect against identified risks.

Vectra matures incident response capability and improves performance in compliance-driven penetration tests through:

  • Industry insights that inform local threat modeling
  • Automated Threat Detections that are risk prioritised and delivered with contextualised insights
  • Accelerated Incident Response through feature-rich integration with a wide range of security tools
  • IR Analyst Skills Development through action-based learning in blue team and red team education exercises

Understanding observed attack behaviors from within FSIs provides a valuable contribution to intelligence-based threat modeling and the definition of security controls. These Tactics, Techniques and Procedures can also be mapped to the MITRE ATT&CK framework.

By focusing on the immutable behaviors that attackers must manifest, Vectra enables security controls that have broad coverage and longevity, unlike traditional fragile signatures, which are explicit fingerprints for finding a single piece of malicious code or known attacker infrastructure.

Quickly and accurately identify and respond to the subtle signals of attackers inside your defenses.

Sharpen your incident response skills, get inside the head of your adversaries and experience how NDR can be used in our complimentary Blue Team or Red Team virtual workshop. You’ll also earn ISC2 CPE credits.

Hidden threats discovered by Vectra

FSIs increasingly adopt cloud services and platforms for agility, scale and economic benefits. Cloud adoption can bring a concentration of risks through the consolidation of multiple services onto a single platform, and so make a rich target for would-be attackers. Regardless of your cloud operating model (SaaS, PaaS, IaaS, etc.), one constant is the requirement to own identity control across your on-prem environment and cloud instances.

By analysing hundreds of Cognito NDR platform deployments, Vectra has identified attacker behaviour insights that expose tactics that remain open to abuse. In many cases, these tactics cannot be completely blocked without materially damaging legitimate operations, so early and effective detection and response is essential.

Top 10 Threat Detections in Financial Services

Vectra analysis of live NDR deployments has identified vulnerabilities posed to financial services organisations. Compared to many industries, FSIs invest heavily in their security controls, often shutting down unused pathways, protocols and services. This acts as a forcing function on attackers, who must use the “lay of the land” and hidden tunnels within legitimate protocols and services, including encrypted communications, to surreptitiously access and steal data.

Analysis of hidden tunnels detected inside FSI Vectra NDR deployments revealed their use for both Command and Control (C2) and Data Exfiltration within common protocols such as HTTP, HTTPS and DNS. These detections did not require any decryption or deep packet inspection, instead using AI-powered behaviour analysis targeting specific attacker techniques.

How to Detect Hidden Tunnels

Attackers hide in plain sight when they have penetrated your systems. Vectra research detected significantly more hidden command-and-control tunnels per 10,000 monitored devices in financial services than all other industries combined. There were also more than twice as many hidden data-exfiltration tunnels in financial services.

Hidden tunnels are by their very nature hard to find. By using AI to automate threat detection and incident response, the Cognito NDR platform enables financial services organisations to condense days, weeks, and months of manual security investigations into minutes. This enables the IR analyst to understand what is happening and respond quickly. Average analyst workload reductions of 34x have been observed in live Vectra Cognito NDR deployments.

C2 Evasion Techniques

What Our Customers Say

“Regulatory oversight is greater and greater, and we have to prove that a control is working. Cognito gives us transparency so we can find control weaknesses and remediate them quickly.”

Deputy CISO
Leading Security Exchange

“With Cognito, I can focus on the highest-risk threats. With other solutions, I have to filter to get rid of hundreds or thousands of false positives.”

Matthias Tauber
Senior Services Manager for IT Security
DZ Bank

“Cognito for Office 365 is a windfall in light of how attackers are compromising and taking over accounts. As a long-time Vectra customer, I have confidence in identifying and stopping privilege escalation and account takeovers in Office 365.”

John Shaffer
CIO
Greenhill Investment Bank

“Cognito gives us meaningful information about data exfiltration behaviors,” says Gallo. “It would take a day to find it using firewall logs, and that’s an impossible amount of time.”

Carmelo Gallo
Cybersecurity Manager
ED&F Man Holdings Ltd.

“We went from zero to 100 percent visibility into attack behaviors with Vectra.”

Head of Security
Global financial services firm

“[Vectra] gives you the visibility where there is none, and going forward a lot of the big government bodies are pushing for behavioral analysis and it fits that perfectly.”

Lee Werrett
UK CISO
HomeServe
