Cybersecurity

The escalating influence of generative AI on business and cybersecurity in 2024: its growing adoption, potential challenges, and the critical need for regulatory oversight.

The security landscape is plagued by tools that cause more inefficiencies, more ineffectiveness, and more breaches than ever.

Vectra AI’s Security Research Team identified issues in Entra ID and Microsoft 365 logs that make your job harder — and may help attackers evade detection.

In my last post, we talked about the importance of security testing as one of the best ways to improve defenders’ skills and expertise and build confidence that ongoing security investments continue to provide ROI.

The best ways to improve defenders’ skills and expertise and build confidence that ongoing security investments continue to provide ROI.

Hooray! It’s Cybersecurity Awareness Month – a security marketer's dream. An entire month dedicated to building awareness and educating the public on adopting safe cyber practices.

Some cybersecurity vendors say they provide AI but only deliver basic rule-based systems. Ask 4 questions to see if an AI in cybersecurity claim is real.

Vectra CRO Willem Hendrickx why he's excited about the opportunity ahead for AI in cybersecurity.

As a seasoned veteran of RSAC, Aaron Turner has curated a list of themes, must-attend sessions, and personal recommendations to consider as to navigate and prioritize your week in San Francisco.

On February 9th 2023, a milestone partnership was celebrated between Vectra and KPMG, and they had a lot to share. The discussion centered around the value of EffectiveSecurity Observability (ESO) - powered by Vectra's Attack Signal Intelligence, while KPMG and Vectra hosted a joined webinar.

With KPMG's guidance and Vectra's technology, organizations can achieve greater visibility into their security posture, reduce risk and reassure the protection of their critical data.

2022 brought a surplus of geopolitical drama and the world's first full-on cyberwar. What comes next? Here's an educated estimate.

In 2023, organisations must prepare for a growing attack surface, the war for cyber skills, and the rise of unknown threats

Modern cyber threats are increasingly evasive and difficult to detect. Vectra offers a new AI-driven solution: Attack Signal Intelligence.

When we enter our names, addresses, phone numbers, emails and credit card info - personally identifiable information (PII) - whose job is it to make sure that the information remains safe and not in the wrong hands? The retailer? The consumer?

Cyberattacks are still on the rise. Learn more about the problem of preventive cybersecurity and what needs to be changed.

On November 1st 2022, after teasing the main show the week before, OpenSSL released their advisory describing two risks to OpenSSL 3.0.0 - 3.0.6. This was originally teased as a Critical level alert, which would have been the first Critical since 2015, however this was downgraded to a High owing to what OpenSSL describe as "mitigating factors".

Vectra SaaS CTO, Aaron Turner shares how to fix overwhelming security alerts that can cause your SOC team to miss critical threats. See how.

Cyber threat actors come in a variety of forms. Though they result in unwanted damage, their tactics, goals, and methods of attack differ. Avoiding being a victim begins with understanding the types of cybercriminals, their behaviors, goals, and motivations.

A major apprenticeship program from the US government could fill vacant cybersecurity jobs - and we're here for it.

A US government agency provides a powerful framework for understanding today's cybersecurity challenges. Here's where Vectra AI fits in.

If you ask security analysts to describe the biggest pain points in their role, you will no doubt get a diverse set of answers. One thing that they will almost certainly have in common is the challenge of dealing with alert fatigue.

Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) that recommends proper configuration and monitoring of PowerShell to address the recurrence of the scripting language's use in cyberattacks.

How to move cybersecurity forward? At the core of this discussion, we always find the same core values. We at Vectra live up to the 9 C's.

Hybrid working models are a hacker's dream! Every remote IP is a potential risk. Learn how to protect your organization in the modern world.

Most marketing messages are a cocktail of sober reality and hyperbole. Of course, the proportions may vary from season to season, from one company to the next, but hype continues to be a perpetual factor in the cybersecurity world. At Vectra, however, we are firm believers in sober reality.

The MITRE ATT&ACK framework helps to keep your business secure. Learn how Vectra leverages MITRE ATT&CK and supports MITRE D3FEND.

Our Vectra Masked CISO series tackles some of the biggest issues in security and how to overcome them.

Vectra's latest report on cybersecurity shows: Traditional approaches won't work anymore. Key findings are listed here.

In order to help security teams validate the effectiveness of their Azure AD security controls and stop future attacks, the Vectra platform continuously monitors user activity and reveals instances of users bypassing multi-factor authentication (MFA) and other preventative controls.

Regardless of discipline, cybersecurity professionals deal with mounting pressure each day to make the right decisions and strategically play the right hand to keep their organisations a step or two ahead of cybercriminals. It can be stressful.

We have never seen a full-on cyber conflict rage across the world's digital systems, but if the situation in Ukraine leads to such a thing, CIOs and CISOs will find themselves on the front lines. With escalation patterns uncertain and no "rules of the road" governing cyberwar, any organization risks becoming a casualty. Already, CIOs and CISOs are seeing their roles evolve and enlarge. Vectra AI CRO Willem Hendrickx discusses their transformational hour

I want Vectra to be known also for its values, for its vision, for its people and attitude, and for its passion for making the world a safer and fairer place. In short, for our culture.

Updated perspective on cyberthreats as a result of ongoing Ukrainian/Russian conflict, including specific custom recall queries, and aggregation of common Russian state actor TTPs.

As the new reality ofthe continual dangers of cyberwar gradually sets in, organizations globally are working to harden their defenses. Most cyber-attacks are blocked by preventative safeguards. Highly motivated attackers, however, tend to find ways to get through those defenses.

While this wiper malware is new, it reuses much of the playbook employed by Russian state actors and ransomware gangs - fighting back requires us to sharpen the tools we already have.

Vectra customers should be aware that current global events related to Russian recognition of separatist regions of the Ukraine carry with them the risk of increased cyber activity conducted by Russian state level actors. This includes evidence that the FSB, the main Intelligence Organization in Russia, is responsible for the DDoS against Ukrainian systems in February 2022.

The role of the CISO has never been clearly defined, and every CISO works differently.They are under a lot of pressure, and this leads to regular rotation of roles. The Masked CISO explains how this could be stopped if CISOs were given more autonomy and responsibility.

New Vectra CRO wants to achieve aggressive growth and continued global expansion for Vectra's leading network detection and response platform.

Dive into the intricacies of AI in cybersecurity with Vectra AI's 'Not All AI is Created Equal'. Learn about the distinction between security-led and math-led AI approaches, and discover how Vectra's unique, data-driven strategy offers superior threat detection and response capabilities, setting a new standard in AI-driven cybersecurity solutions.

Explore the real impact of AI and ML in cybersecurity with Vectra AI's blog 'The Great AI/ML Debate'. Uncover the truth behind the buzzwords and learn how AI-driven solutions can effectively counter modern security threats, including ransomware attacks.

Software attacks with an extortionist background are unfortunately becoming the norm for many companies. But what if automated anti ransomware tools could unmask malware at an early stage and combat them effectively - even before they can cause harm?<br>

As we saw with the Log4J vulnerability, cybercriminals only need a single opening to infiltrate your environment. And while another vulnerability can't be prevented, there's still a lot that can be done to make sure you're ready for the next one.

With ransomware attacks continuing to dominate media headlines, it's clear that a security approach centered on prevention no longer suffices. A shift towards an "assume compromise' security approach prepares your business to deal with the intensity and frequency of today's ransomware attacks. To that end, advanced detection and response capabilities play a crucial role. In this blog, you will also learn why a large British multinational insurance company chose Vectra, Wipro's Venture Partner, to meet its security needs.

A threat-led approach is key to an organisation's security strategy. CISOs should measure security based on their ability to discover if they've been breached, mean time to breach when testing security, or the mean time to detect unknown threats.

Every year the world of cybersecurity encounters new challenges and obstacles for organisations to overcome, but 2021 managed to be an exceptionally dangerous year. So how will the lessons learnt from 2021 shape the cybersecurity landscape? Here are four areas of cybersecurity that will evolve in 2022.

When it comes to cyber security, the old adage of "doing the simple things well' is more relevant today than ever before. Three simple principles have been around for decades but they hold true now more than ever because we live in an increasingly cloud-orientated environment where we need to be vigilant at all times.

Threat actors can use the Log4J vulnerability as a platform for launching attacks, but what does this mean for cloud environments? Find out exactly how attackers are exploiting this vulnerability and what this could mean for your organization.

Agile has its uses. It's increasingly being adopted as a technology wide operating model-to drive transformation everywhere, from helpdesks to datacenters. But is it always appropriate?

A few days after the Log4Shell vulnerability was discovered, we now have more observations about how the exploit is being leveraged. Here's what we know, today.

A new 0day was discovered in the log4j application on December 10, 2021. This vulnerability impacts a widely used logging solution spanning an incredibly large attack surface.

Exclusive cybersecurity research presented in a new report, details how hundreds of security leaders are addressing today's complex cyberthreats in their organisations.

CISOs Must be Brave Enough to Throw Away Their Security Playbook or Suffer the Consequences!

Vectra has been recognized as a DeloitteTechnology Fast 500™ award winner - a ranking of the fastest-growing technology, media, telecommunications, life sciences, fintech, and energy tech companies in North America.

Hear what Tallink, the largest shipping company operating in the Baltic Sea, says are the most valuable capabilities in an NDR solution and what you need to know when selecting one for your environment.

Many organizations these days face incident response challenges. Get insight about the common challenges in this area, and what your organization can do to resolve them.

AI can save your SOC valuable time by automating workloads, while accurately tracking down cyberattacker activities found in ransomware and supply chain attacks.

Ransomware. It is the new digital bogeyman. In the UAE, an industry survey from June 2021showed the extent to which the country (and by implication, the wider region)has been subjected to ransomware. Some 37% of respondents said they had beenvictims in the previous two years. A staggering 84% elected to pay the ransom, only for most of them - 90% of those who paid - to suffer from second attacksthat often came from the same bad actors.

Vectra Detect cybersecurity solution is purpose-built to detect and stop ransomware attacks. The agentless and AI-driven Cognito Platform sees and stops ransomware before it can encrypt files and exfiltrate data by automatically detecting attacker behavior.

Hear cloud security experts from Splunk and Vectra explain how digital transformation has drastically changed security and why organizations need to adapt.

T-Mobile investigates a hacker who claims to breach data of 100 million customers. See what possible outcomes this could result in for the telecoms company.

Microsoft partners with Vectra to deliver Zero Trust security framework to provide analytics and mitigate threats emerging from distributed and hybrid-remote workforces.

Attackers intent on stealing personally identifiable information (PII) and protected health information (PHI) can easily exploit gaps in IT security policies and procedures to disrupt critical healthcare-delivery processes.

There should be fresh scrutiny of SaaS subscription relationships, and the security policies of managed service providers; you're only as secure as your provider.

Vectra is key contributor to new CEPS Report on the Technology, Governance and Policy Challenges of AI and Cybersecurity and supports Vectra's mission to make the world a safer and fairer place.

Vectra is honored to be named Cloud Security/SaaS Disruptor Company of the Year with a Gold Globee® Award in the Annual 2021 Awards.

DarkSide ransomware as a service (RaaS) group provided hackers with a convenient way to extort money from organizations after access was gained. Here are five things you need to know about this prominent cybercriminal group.

As cloud adoption continues to accelerate, the evolution of the next generation of modern attacks will traverse through and towards an enterprise's cloud control plane. Learn why this risk should not be underestimated.

Just a week after the Colonial Pipeline was shut down due to ransomware-attackers are at it again. It's now being reported that Ireland's health service shut down its IT systems and a company in Germany had to fork out a $4.4 million ransom on the same day.

Every year, this global retail giant in the beauty industry failed to pass red team exercises-until they deployed Vectra. Get the full story on how they use the Cognito platform to pass Red Team testing and ensure the overall security of its data.

For us as Vectra, equality and inclusivity are key components of our culture. This International Women's Day, we want to celebrate the women in cybersecurity and highlight the opportunities available in the industry.

Vectra is honored to receive recognition from CRN by honoring the Vectra Partner Program with its prestigious 5-Star Partner Program Rating. We couldn't be more thrilled about this award and our amazing partner community.

Despite 71% of organizations suffering malicious SaaS account takeover, 90% are still accelerating cloud adoption. Surprising? Maybe not - read on as this blog distills the takeaways from mid-sized and large Office 365 enterprises.

CRN® has named Jessica Couto, VP of Channel, Americas, at Vectra AI, to its 2021 list of Channel Chiefs. The prestigious CRN® Channel Chiefs list, released annually, recognizes prominent leaders that demonstrates exceptional leadership, vision, and commitment to their channel partner programs.

The pandemic has made threat actors eager to exploit information about COVID-19. Find out how an ordinary LinkedIn message set off a chain reaction that escalated into a widespread, sophisticated attack at one of the world's leading pharmaceutical companies.

As our reliance on technology grows, so does the need for robust cybersecurity to protect users and keep data and business operations safe.

Discover how the new security insights feature in the Vectra Cognito network detection and response platform eliminates the need for analysts to pivot between tools and provides additional insights related to attacker detections.

Learn how to mitigate online shopping threats and keep your personal data safe this holiday season.

Vectra CTO Oliver Tavakoli looks back on a disruptive 2020 and shares his view of what 2021 holds for security practices.

Learn why we are celebrating our placement in the Deloitte Fast 500 list as an achievement and testament to a customer-first approach rather than a numbers goal.

Vectra research highlights how attackers are using built-in tools and services to attack Office 365. We examine two such attacks that were detected and thwarted by organizations protected by Cognito Detect for Office 365.

When you factor in how long it takes to discover a data breach, it suggests that healthcare is losing the battle. Discover a fundamental approach being advocated by a growing number of healthcare security professionals.

Attackers areusing legitimate toolsbuiltintoMicrosoft Office 365toperform reconnaissance, move laterally,and extend their attacks. OurSpotlightReport on Office 365 identifies whatthey're up to and where you should be looking.

Analyzing the psychology of an insider threat case is a complex task because there is little evidence and scant public data about threat incidents. Develop an improved understanding of the mind of malicious insiders with the multiple life-stage model.

Evaluating risk factors is the first step in implementing an effective insider threat program. Learn why implementing preventative solutions like network detection and response can minimize financial loss and risk of a breach.

During a merger and acquisition, there are several critical cybersecurity challenges to overcome and manage during an M&amp;A.Vectra can help speed-up due diligence and integration by automating threat hunting and prioritizing detected threats based on certainty and risk.

What danger do malicious and negligent insiders constitute and what kind of insider threats exist? Is your organization safe? Learn to spot the two types of insider threats.

The ultimate goal of most insider attacks is to steal data. Just one insider threat incident can cost your organization up to $3 million. Learn when disclosure is protected and how to stay ahead of malicious attacks in this blog.

The problem of detecting an insider threatbeforeit happens is difficult to solve as the prediction of human behavior itself. Discover how applying a data science approach to detection can reveal clues to catch know and unknown attackers across your enterprise.

Maze ransomware can spread across a corporate network, infecting computers it finds and encrypting data so it cannot be accessed. Learn what a Maze attack progression looks like and how you can defend against these types of threats.

What the recent advanced threat actor 29 shows about the security limitations of indicator of compromise and how you can defend against privileged access attacks.

At Vectra, our partners are integral to the way we go tomarket and we want to ensure you we are committed to the mutual success of our relationship.

Vectra is pleased to announce the launch of two new training certification tracks for our partners. The VPSE certification is geared toward sales engineers, while our VSP certification focuses on positioning and selling Vectra Cognito.

Attack tools and techniques can change over time, but attack behaviours remain a stable indicator of attackers within the network. Using attack behaviour as a high-fidelity signal allows you to take action quickly to stop attacks or prevent further damage.

In the era of near-total data, SOC teams and analysts can become swamped by the sheer volume. And that's before we even get to the cost of data ingestion and storage! In this blog, we will explore the value of network metadata, and why we just can't get this level of visibility elsewhere.

Together, Vectra and Sentinel One lead to fast and well-coordinated responses across all resources, enhance the efficiency of security operations and reduce the dwell times that ultimately drive risk for the business.

Together, Cognito and Cybereason provides visibility into all enterprise environments, supporting hybrid, multi-cloud, or on-premises deployments with ease to combat against today's modern cyberattacks.

Thinking about threat hunting by using terms from the MITRE's ATT&amp;CK Matrix to frame the context and guide what you can and cannot see within your environment.

Vectra now integrates with Amazon Virtual Private Cloud (VPC) Ingress Routing and that our AI platform is currently available in the AWS Marketplace.

By analyzing data in the 2019 Black Hat Edition of the Attacker Behavior Industry Report from Vectra, we determined that RDP abuse is extremely prevalent in the real world. 90% of the organizations where the Cognito platform is deployed exhibited some form of suspicious RDP behaviors from January-June 2019.