Vectra tackles alert fatigue with Account Lockdown
The new NDR solution takes an identity-based approach to security enforcement
Vectra AI has announced the release of Account Lockdown, the first NDR solution to help organisations securely protect their network. With this launch, the NDR solutions provider bases enforcement on prioritised, high-fidelity attacker behaviours and takes surgical, identity-based enforcement action.
Cyber risk continues to run rampant as security teams struggle with alert fatigue and degrading efficiency while trying to keep pace with high-volume, indiscriminate signals that steal time and energy from threat mitigation. To compound the issue, even when high-priority signals can be surfaced, organisations lack the tools to take precise action against ongoing attacks.
Existing security enforcement approaches are based on anomalies that create unmanageable volumes of noise. In fact, 42 percent of teams ignore a significant number of alerts because they can’t keep up with the volume. To make matters worse, a large percentage of these alerts are false positives, which wreak havoc on the infrastructure and hamper productivity when enforcement is taken against properly operating systems or accounts. Legacy Network Detection and Response paradigms continue to double down on this approach.
“Effective enforcement has to begin with visibility. You can’t fight what you can’t see. The more clarity you have, the more definitive your outcomes will be,” said Vectra CEO Hitesh Sheth. “Further, it’s been widely established by now that most modern cyberattacks target users instead of infrastructure or devices. Security teams should take a page out of the attacker playbook and enforce based on users instead of the network or devices.”
The Vectra platform generates prioritised signals that automatically identify behaviours rather than anomalies, ensuring that analysts spend their time and resources on the most important incidents. Account Lockdown takes this one step further, enabling automatic enforcement on these privilege-based, high-fidelity signals.