Register for a free webinar

Register to watch on-demand

Thank you for registering!

We've received your request and will get back to you soon.

If you do not hear from us in the next 48 hours, please check your spam folder!

Back to homepage

Webinar

On-demand Webinar

Webinar

On-demand Webinar

ATTACK LABS SERIES:

MIND YOUR ATTACK GAPS

Episode 2

Authentication succeeds (identity-driven access)

Join Episode 2 of the Attack Lab Series on July 15, 2026. Learn how to detect Scattered Spider, OAuth supply-chain attacks, Snowflake intrusions, and identity abuse hiding inside valid sessions.

60 minutes

July 15, 2026

11 a.m. ET | CEST | SGT

Hosted in

English

Vectra AI is named a Leader in the 2026 Gartner MQ for Network Detection and Response (NDR).

Attackers aren’t breaking in anymore—they’re logging in.

Attackers aren’t breaking in anymore—they’re logging in.

Today’s identity-driven attacks bypass traditional controls by abusing legitimate access:

Scattered Spider uses helpdesk vishing to bypass MFA
OAuth supply-chain attacks weaponize trusted integrations
Snowflake breaches exploited credentials exposed years earlier

For SOC teams, this creates a dangerous blind spot: valid sessions with malicious intent. ‍

In this 45-minute lab, we analyze real attack paths and show how to detect them in practice:

Scattered Spider helpdesk compromise flow
OAuth supply-chain attacks (Salesloft, Drift, Gainsight, Vercel, Anodot)
BlackFile / Cordial Spider / Snarky Spider activity patterns
UNC5537 Snowflake intrusion behavior

What You’ll Walk Away With

Detection strategies for session hijacking and identity abuse‍
Behavioral indicators that separate attackers from real users
Key gaps in IAM and SaaS logs (and how to compensate)
3 actionable detection improvements you can deploy next sprint

Speakers

Lucie Cardiet

Host

Cyberthreat Research Manager

Vectra AI

FAQs

Register Now

Secure your spot for Episode 3

Register for all 3 sessions here

On Demand Webinars

Identity attacks are winning — Here’s the gap you’re missing

Explore how attackers bypass your MFA, operate undetected in your environments, and how security teams are closing identity detection gaps.

Understanding Modern Attacks (Episode 3)

Join Vectra AI for a three-part Attack Lab Episode 3 that breaks down modern attacks into three 30-minute digestible sessions. Our threat hunters and incident responders will walk through how adversaries enter, hide, and move inside enterprise networks — using real-world attack patterns, live demos, and threat hunting playbooks you can apply immediately.

MongoBleed in the Wild — Finding MongoDB Exposure and Exploitation Signals with Network Metadata (Plus Live Testing Demo)

MongoBleed (CVE-2025-14847) is a remotely exploitable MongoDB vulnerability that allows unauthenticated attackers to leak uninitialized heap memory that allows remote, unauthenticated attackers to leak sensitive server memory—without ever logging in. With public proof-of-concept tooling already available and the vulnerability impacting nearly a decade of MongoDB releases, defenders need a fast, reliable way to identify exposure and detect exploitation attempts across both internet-facing and internal environments.

About Vectra AI

Vectra AI is the leader in hybrid attack detection, investigation and response. The Vectra AI Platform delivers integrated signal across public cloud, SaaS, identity, and data center networks in a single platform. Vectra AI’s patented Attack Signal Intelligence empowers security teams to rapidly detect, prioritize, investigate and stop the most advanced hybrid cyber-attacks. With 35 patents in AI-driven detection and the most vendor references in MITRE D3FEND, organizations worldwide rely on the Vectra AI Platform and MXDR services to move at the speed and scale of hybrid attackers. For more information, visit www.vectra.ai.