Vectra launches Cognito Detect to discover and stop Office 365 breaches
As account takeovers continue for Office 365, controlling risk remains the top concern for organisations adopting software-as-a-service models. Vectra highlights the threats to Office 365 and how it can help organisations combat these threats
Cyber risk is becoming an escalating concern for organisations around the world, and Office 365 data breaches are at the forefront. Even with the rising adoption of incremental security approaches like multi-factor authentication, access controls continue to be circumvented. In fact, 40% of organisations suffer from Office 365 account takeovers. As these data breaches make headlines with growing consistency, the resulting financial and reputational costs mount.
It is far too easy for an attacker to manipulate human behaviour and gain high privilege access to business-critical SaaS resources. According to Microsoft’s Q3 FY19 earnings call, there are more than 180 million monthly users on Office 365. With so many users, 100% cyber hygiene becomes impossible. To make matters worse, teams continue to struggle to keep up with weekly vendor-driven configuration changes and new best practices. And once an initial foothold is gained in a SaaS application, it is just a matter of time before they laterally move and cross into other parts of the infrastructure.
Against this backdrop, a massive number of alerts are flooding Security Operations Centers (SOCs), forcing analysts to spend time manually analysing and prioritising which ones deserve attention. This is overwhelming security analysts’ time and organisations’ security budgets. As threat actors become more efficient at dodging and targeting the enterprise, most analysts simply can’t keep up.
“Attackers will follow a path of least resistance and the convergence of these elements makes exploiting the cloud easy for them. In no other construct is it fair to expect a person, or security team, to be correct 100% of the time. This is an unacceptable expectation and entirely unfair to security teams,” said Vectra CEO Hitesh Sheth. “The last thing we want is to create more work for security teams. What is needed is technology that removes the dependency on human behaviour and human error and brings control back to the security team. This is what Vectra can provide.”
Credential abuse is the leading attack vector in SaaS, especially for Office 365. In an effort to help organisations securely and successfully protect their applications, Vectra AI, the leader in network threat detection and response (NDR), is announcing the launch of Cognito Detect for Office 365.
Backed by new detection models focused on credentials and privilege in SaaS applications, Vectra expands cloud coverage from Infrastructure-as-a-Service (IaaS) and extends the ability to track attacker activity pivoting between on-premise, data centre, IaaS and SaaS. Given that attackers don’t operate in silos, a security solution shouldn’t either. Vectra delivers the complete visibility across your deployment footprint that leaves attackers without a place to hide.
“Prevention technology has long been available and continues to evolve, however, it doesn’t guarantee that data is safe. The real growth has been in detection and response capabilities, which have been long missing from most organisations’ resources,” continued Sheth. “We are the first and only NDR to apply privilege-based detections in SaaS applications. Our AI-driven solution seamlessly ties into your existing Office 365 deployment, and detects privilege-based attacker behaviours, giving you full visibility into your SaaS deployments. We continue to be at the forefront of security by detecting privilege abuse behaviours across the entire lifecycle of an attack in the cloud.”