Within the first two weeks of deployment, Detect for AWS was quickly put to the test as a would-be attacker made their way into the environment.
Challenge
The global healthcare organization was struggling to identify internal threats with its existing security information and event management (SIEM) tools. Custom rules written for post-exploitation coverage within the SIEM often missed significant threats, because the SIEM could not manage the large volume of unprioritized alerts generated by pervasive reconnaissance activity and attempted privilege escalations.
To combat these cybersecurity issues, the organization selected the Vectra AI Detect platform for its AWS footprint, aiming to provide seamless threat detection within its cloud infrastructure. Within the first two weeks of deployment, the platform detected a would-be attacker attempting to infiltrate the environment by stealing credentials and probing the footprint for weaknesses.
Results
With Vectra AI, the organization was able to monitor over 1 million identities, users, and services, promptly detecting and putting a halt to the attacker's behaviors. Vectra Detect's AI-driven analysis meant the SOC team could quickly respond to elevated threats, drastically reducing the number of accounts requiring attention. The platform also provided the team with valuable insights into principal activities, enabling them to effectively quarantine the account and stop the attack in its tracks.
During its second monitoring of the organization’s footprint, Detect spotted behavior closely resembling an attacker probing the footprint for weaknesses.