SAN JOSE, Calif., May 19, 2021 — Vectra AI, a leader in threat detection and response, today released its 2021 Q2 Spotlight Report, Vision and Visibility: Top 10 Threat Detections for Microsoft Azure AD and Office 365.
This new research details the top 10 threat detections that customers receive by relative frequency when Vectra detects abnormal behavior in a customer environment, which are then used by customers to help ratify attacks in cloud environments.
Highlights include:
The Top 10 Threat Detections seen across Microsoft Azure AD and Office 365 allow security teams to detect infrequent behavior that is abnormal or unsafe across their environments.
Regardless of company size, Office 365 Risky Exchange Operation detection was at or near the top of the list of detections seen by Vectra customers.
Common actions by actors in the Azure AD environment during a recent supply chain attack would map back to Vectra-defined detections and alert the security team about the threat.
“Deploying meaningful artificial intelligence (AI) as a core pillar when extracting informative data from your network, both on-premise and off, is critical in obtaining an advantage against malicious adversaries,” said Matt Pieklik, Senior Consulting Analyst at Vectra. “Security teams must be armed with full visibility to detect potentially dangerous activity across applications, in real-time, from the endpoint to the network and cloud.”
As a leader in the productivity space with over 250 million active users, Microsoft Office 365 has also piqued the interest of looming cybercriminals due to the platform’s large audience. In fact, during a recent global survey of 1,112 security professionals, Vectra uncovered how criminals are regularly bypassing security controls including multi-factor authentication (MFA), proving that determined attackers are still able to gain access.
Solving the challenges organizations continue to see from cybercriminals involves understanding the behaviors adversaries are motivated to take. This means having the ability to collect and aggregate the data that uncovers these behaviors in a way that can be operationalized by security staff.
Vectra has answered this industry need through the creation of Cognito Detect for Office 365 and Azure AD™, which automatically detects and responds to hidden cyberattacker behaviors, accelerates incident investigations, and enables proactive threat hunting. The application offers visibility into Power Automate, Teams, eDiscovery, Compliance Search, Azure AD backend, Exchange, SharePoint, third party Software-as-a-service (SaaS) providers, and more.
About Vectra
Vectra® is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases.
Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem. For more information, visit vectra.ai.
This article was shared with Prittle Prattle News as a Press Release by PRNewswire.
