This sport data analysis company faced the challenge of managing computationally expensive activities, including data analytics for designing betting odds, tracking irregularities suggesting match fixing, and providing video streaming services. With a heavy reliance on AWS infrastructure, any outage in their AWS systems could jeopardize customer contractual obligations and have a significant business impact.
To enhance their detection and response capabilities, the company migrated to Vectra Detect for AWS, an AI-driven solution that uses behavioral models to find and stop attacks without disrupting operations. This switch provided them with better visibility into their AWS activity, addressing the limitations they faced with GuardDuty alerts and offering complete visibility into their entire setup.
Vectra Detect for AWS showed immediate value by identifying a True Positive where a Kubernetes cluster exposed EC2 instances publicly. The company praised Vectra for alerting them to a significant blind spot, preventing potential unauthorized access. Additionally, Vectra's Kingpin technology helped uncover suspicious activities performed by an unauthorized user, allowing the company to detect and respond to a secret pentest team's activities on day one. Detect for AWS emerged as a crucial component in ensuring the security of the company's cloud infrastructure, providing defense in depth for the management plane amidst continuous integration of new configuration changes.
“This was actually a new Kubernetes cluster, which people were migrating from one account to another, and forgot to set up the stack correctly.”
“Thanks to that report we were able to find a significant blind spot, so we greatly appreciate Vectra for alerting us on this!”