Vectra AI, a pioneer in hybrid attack detection, investigation, and response, announced significant enhancements to its platform with the incorporation of refined Cloud Detection and Response (CDR) for Amazon Web Services (AWS). Vectra's patented Attack Signal Intelligence equips security operations centre (SOC) teams with real-time, integrated attack signals for hybrid attacks that cross network, cloud, and identity domains.
As businesses migrate an increasing number of applications, workloads, and data into cloud platforms, the process of identifying, investigating, and responding to hybrid attacks has grown disjointed and complicated. According to Vectra AI's 2023 State of Threat Detection report, 90% of SOC analysts express a lack of confidence in dealing with a rising volume and variety of threats. Furthermore, 71% voiced concerns that their organisations may have already been compromised without their knowledge. In addition, 75% of SOC analysts believe they lack the necessary visibility to adequately protect their organisations.
The rise in hybrid deployments has also posed significant challenges for enterprise SOC teams. While the goals of attackers remain consistent, cloud-based attacks exhibit different characteristics from those in traditional data centre environments. Cloud threats move swiftly and focus primarily on credentials, so they behave differently from their on-premises counterparts.
Chris Fisher, Director of Security Engineering at Vectra AI, Asia Pacific and Japan, stated, "The reality is that the cybersecurity defense principles of the past decade are broken. Today, as organisations shift more applications and data to the cloud, we are battling the spiral of ‘more’ – more attack surface for attackers to exploit, more methods for attackers to evade defenses and progress laterally, and more noise, complexity and hybrid attacks. Enterprises will be hybrid forever – and so will attackers. It is more important than ever for companies to cut through the noise and achieve signal clarity at the speed and scale needed to stop cyber criminals from infiltrating the organisation and exfiltrating data".
The Vectra CDR for AWS incorporates the latest advancements in cloud threat detection and response. These include AI-driven event detections (purpose-built AI detection models that eliminate the need for writing custom detection rules); real-time context on cloud-based threats (detections that reduce cloud threat detection latency); complete visibility into the entire hybrid cloud (a comprehensive view of AWS security risk in mere minutes); and machine learning to understand which AWS account does what (it learns AWS credentials and permissions to highlight identity-based attacks). Moreover, it includes AI-driven prioritisation that focuses on the most critical threats, native response capabilities, end-to-end hybrid deployment visibility, and much more.
Vectra AI's security researchers have developed innovative open-source toolkits such as DeRF, MAAD-AF, and ./HAVOC to help SOC teams think like attackers and understand sophisticated attacker methods. In addition, Vectra offers extensive AWS training through Vectra CDR for AWS BlueTeam workshops. Furthermore, Vectra's managed detection and response (MDR) for AWS reinforces customers' SOC with global, 24x7 analysts trained to defend against attacks spanning hybrid footprints.