Vectra AI has announced enhanced cloud identity detection capabilities using Azure AD within its Cognito Detect for Office 365. By integrating at the identity layer, Vectra gives complete cloud-to-ground security coverage over an organisation’s entire SaaS ecosystem. This single configuration effectively puts an end to lateral movement between ground and cloud.
In the rapidly adopted remote work environment, data is stored and distributed across countless cloud applications. For many organisations, Azure AD holds the keys to the kingdom because it is leveraged for federated authentication to their SaaS applications. The adoption of Azure AD reached 425 million active users by the end of 2020 and last month Microsoft reported a 50 percent increase in Azure sales in its second fiscal quarter of 2021. This means that compromising a single Azure AD account can give an attacker access to a vast trove of data housed across multiple SaaS applications. With the Vectra extended support for Azure AD, Cognito Detect for Office 365 fills an unanswered security gap by drastically reducing the consequences of a large-scale supply chain breach while offering a simple and comprehensive way to secure users’ cloud identities.
“Organisations must be able to see and stop attacks that have circumvented preventative controls, including multifactor authentication (MFA), to gain access to their network and data. This starts with monitoring account usage for attack behaviour and intent,” said John Mancini, Sr. Product Manager, Vectra. “By using artificial intelligence to analyse how accounts are being used, we find attack behaviours in Azure AD to detect and stop account takeovers before an attack can compromise SaaS applications. “
Vectra is the first NDR solution to offer universal control over data and identities to meet growing privacy and compliance concerns. Other security solutions require configuration on a per-app basis for security coverage, which is too cumbersome and time-consuming to benefit organisations in the long-run or in the throes of a breach. Vectra integrates directly with Azure AD, giving full coverage of all federated SaaS applications, stopping attackers earlier in the kill chain.
The adoption of public cloud services has skyrocketed within the past year, with Canalys reporting that the worldwide cloud market grew by 33 percent in Q3 2020 alone. This rapid cloud migration has led to a massive gap in visibility where traditional security solutions are unable to see what happens in the cloud. To combat this, Vectra offers patented, industry-leading behavioural detections for cloud identity to secure SaaS applications from account takeovers and malicious insider attacks.
Discussion about this post