The government authority was struggling with limited visibility into its cloud environment and network, which was affecting its digital transformation efforts. It needed the ability to detect and respond to potential threats, handle a high volume of unprioritized alerts, and improve the efficiency of its security operations.
The government authority turned to the Vectra AI Platform for threat detection and response. By deploying Vectra sensors and leveraging AWS virtual private cloud (VPC) traffic mirroring, the organization extended AI-driven detection and response to their additional AWS workloads. Furthermore, through full integration with AWS Security Hub, Vectra detections were made accessible as findings in Security Hub.
As a result of implementing Vectra AI's solution, the government authority gained comprehensive visibility across the entire network and was able to detect active attacker techniques, thus reducing the financial and liability risk caused by a potential breach. The security operations team saw a 40x reduction in workload, and reported events were reduced to 2-3 per day, with critical events brought down to 1-2 per day.
Full integration with AWS Security Hub means that Vectra detections are published as findings in Security Hub, leading to faster incident investigations and remediation in the cloud.
The deep integration into AWS allows the organization to deploy Vectra sensors and use AWS virtual private cloud (VPC) traffic mirroring to extend AI-driven detection and response to their additional AWS workloads.