News

Vectra AI Unveils Hybrid Attack Detection and Response Platform Driven by Artificial Intelligence

Vectra AI has announced the Vectra AI Platform with patented Attack Signal Intelligence to deliver the integrated signal enterprises need to make extended detection and response (XDR) a reality. With the Vectra AI Platform, enterprises can integrate Vectra AI’s public cloud, identity, SaaS, and network signal with existing endpoint detection and response (EDR) signal to arm SOC teams to keep pace with the ever-growing sophistication, speed, and scale of hybrid attacks.

As enterprises shift more applications, workloads, and data to hybrid and multi-cloud environments, threat detection and response has become increasingly siloed and complex. Without an effective solution for advanced hybrid attackers, security teams face a vicious spiral of more attack surfaces, more evasive attacker methods, more alerts, and thus, more SOC analyst workload and burnout.

Recent research found that 63% of SOC analysts report that the size of their attack surface has increased in the last three years and 67% are unable to manage the number of daily alerts received. The Vectra AI Platform enables security teams to move at the speed of modern hybrid attackers to identify behaviour that other tools cannot. Harnessing the power of AI to analyze attacker behaviour and automatically triage, correlate, and prioritize security incidents, the Vectra AI Platform provides the integrated signal powering XDR.

“To us, it’s always about outcomes, not acronyms. It’s about the end goal, not some prescribed definition of how to get there,” said Jay DePaul, Chief Cybersecurity & Technology Risk Officer at Dun & Bradstreet. “Vectra AI is helping us achieve our end goals, stop advanced adversaries, modernize our security operations, and ultimately, improve our cyber resilience.”

According to Jon Oltsik, distinguished analyst and Enterprise Strategy Group (ESG) fellow, “Regardless of how XDR is defined, security professionals are interested in using XDR to help them address several threat detection and response challenges. XDR seems like an attractive option since current tools struggle to detect and investigate advanced threats, require specialized skills, and aren’t effective at correlating alerts. In summary, CISOs want XDR tools that can improve security efficacy, especially regarding advanced threat detection. Additionally, they want XDR to streamline security operations and bolster staff productivity.”

The Vectra AI Platform integrates native and third-party attack signals across hybrid cloud domains including AWS, Microsoft Azure, Google Cloud Platform, Microsoft 365, Microsoft Azure AD, networks of all types, and endpoints leveraging the customer’s Endpoint Detection and Response (EDR) tool of choice. The Vectra AI Platform integrated signal enables security teams to:

  • Cover more than 90% of MITRE ATT&CK techniques with patented and proven MITRE D3FEND countermeasures.
  • Combine AI-driven behaviour-based detection, signatures and threat intelligence for the most accurate representation of active attacks in progress.
  • Map attacker progression and lateral movement from the data centre to the cloud, cloud to the data centre and cloud to cloud.
  • Build and mature threat-hunting programs and conduct deep forensic investigations.

Vectra AI Attack Signal Intelligence harnesses patented AI to automate threat detection, triage, and prioritization across hybrid cloud domains, by:

  • Zeroing in on attacker behaviour, analyzing in many dimensions to see real attacks in a sea of different while patented Privileged Access Analytics (PAA) focuses on accounts most useful to attackers.
  • Learning customers’ unique environments to distinguish between malicious and benign events to eliminate 80% of alert noise.
  • Prioritizing entities (hosts and accounts) across domains based on urgency and importance, saving individual SOC analysts over three hours per day of alert triage.

With Vectra AI, security teams accelerate investigation and response workflows with integrated investigations sophisticated enough for experienced analysts, and simple enough for junior analysts. New capabilities include:

  • Instant Investigations arm analysts of every skill level with quick-start guides to investigate prioritized entities under attack.
  • Advanced Investigation enables forensic analysis of Azure AD, Microsoft 365, or AWS Control Plane logs directly in the platform user interface (UI).
  • AI-Assisted Investigation leverages large language models (LLMs) to provide analysts with a simple way to gather 360 degrees of context on entities under attack.

The Vectra AI Platform puts humans in control of response by offering flexible response actions both native and orchestrated leveraging over 40 ecosystem integrations to:

  • Manually or automatically lock down an account, or isolate an endpoint.
  • Trigger security orchestration and automation (SOAR) playbooks and workflows.
  • Streamline ticketing, communication, and escalation for incident response processes.

SOC teams continue to be stretched thin as the volume and variety of high-speed hybrid and multi-cloud attacks grow. With the Vectra AI Platform, enterprises can take advantage of analyst reinforcements in the form of MDR services, including:

  • Shared roles and responsibilities for monitoring, detection, investigation, hunting and response.
  • Shared analytics on attacker behaviour and emerging attacker tradecraft, tactics, techniques, and procedures.
  • Shared transparency around SLAs, metrics, and reporting.

“The current approach to threat detection and response is fundamentally broken, as more organizations shift to hybrid environments and security teams continue to face increasing cloud complexity, alert fatigue, and analyst burnout,” said Hitesh Sheth, president and CEO of Vectra AI. “As the pioneer of AI-driven threat detection and response, our best-in-class platform delivers the most accurate integrated signal across the hybrid Enterprise to make XDR a reality at speed and scale.”

Cyber Security

Regional Leaders Chart Course for Secure Telecom Networks at SAMENA Leaders Summit 2024

Huawei, in collaboration with the SAMENA Telecommunications Council and stc, hosted a critical roundtable discussion on cybersecurity at the recent SAMENA Leaders’ Summit 2024. Titled “Building Telecom Cyber Resilience to Protect Business in the Digital Era,” the session brought together leading telecom operators, cybersecurity experts, and decision-makers from regulatory bodies.

This second edition of Huawei’s Global Carrier CISO Roundtable Series, led by Mazen Al Ahmadi, General Manager of Cyber Defense at stc, featured distinguished guests and high-level speakers. Their discussions focused on boosting telecom cyber resilience and safeguarding the digital space in an increasingly interconnected world.

Cybersecurity: A Cornerstone of Digital Success
The roundtable highlighted the critical role of cybersecurity and privacy protection in the success of businesses operating in the ever-evolving digital landscape. With the rise of immersive digital experiences and ubiquitous intelligent applications, network capabilities are undergoing rapid transformation, driven by deep network-cloud-intelligence convergence.

Securing the Future of Telecom Networks
Experts addressed the importance of cyber resilience for innovative telecom operators. Discussions focused on current challenges posed by advanced technologies like 5G and 5G-Advanced (5G-A) networks integrated with cloud and AI capabilities. Speakers examined strategies, models, tools, and skill sets needed to build resilience, alongside the necessary support from regulatory authorities. Remedial actions to address these challenges were also explored.

Mazen Al Ahmadi, General Manager of Cyber Defense at stc, said, “In today’s rapidly evolving digital landscape, cybersecurity and privacy protection have emerged as paramount concerns for businesses across all sectors, particularly in the telecom industry. The potential for cyber threats and data breaches has grown exponentially as the world becomes increasingly interconnected and reliant on digital infrastructure. Recognising the critical importance of addressing these challenges, the roundtable was a vital platform for industry leaders, experts, and stakeholders to engage in meaningful discussions, share invaluable insights, and collaborate on strategies to fortify the telecom industry against the ever-present menace of cyber threats.”

Mohammed Alosaimi, Chief Security Officer at Huawei Saudi Arabia, reaffirmed Huawei’s commitment to reinforcing cybersecurity infrastructure, stating, “As an industry leader actively engaged in cybersecurity R&D and building a cybersecurity ecosystem in the region, Huawei remains steadfast in our collaboration with carriers and partners to strengthen the construction of digital infrastructure around the world, build a thriving ecosystem, and unleash the potential of the digital world securely.”

A Multifaceted Threat Landscape
Discussions explored the evolving cyber threat landscape, including cyber threats, vulnerabilities, insider threats, and supply chain risks. Experts also analysed the contrasting security challenges of legacy signalling systems (2G and 3G) compared to modern IP-based networks (4G & 5G).

Success Stories and Collaboration
Real-world examples took centre stage as speakers shared cybersecurity use cases that directly contribute to the success of telecom businesses. Recognising the importance of collective action, the session concluded with an interactive discussion focused on fostering collaboration between industry stakeholders. Participants explored ways to address existing and future cybersecurity challenges, enhance resilience across the telecom ecosystem, and ensure adherence to international standards such as GSMA NESAS, MCKB, and OIC-CERT recommendations.

Building on a Global Dialogue
This second edition of Huawei’s Global Carrier CISO Roundtable builds upon the momentum established at MWC2024. At that event, 50 carriers and industry organisations engaged in discussions on best practices and industry standards for safeguarding the digital world.

The SAMENA Leaders’ Summit 2024, held under the patronage of UAE’s Telecommunications and Digital Government Regulatory Authority (TDRA) and with global collaboration from ITU, served as a platform for this crucial dialogue. The summit, held on May 13th in Dubai under the theme “Evolving toward Integration, Intelligence & Sustainability in Infrastructure,” highlighted the importance of collaborative efforts in building a secure and sustainable digital future.

Magazine

Security Review – May-June 2024: CCW 2024 Special Edition

Welcome to the latest issue of Security Review magazine. This is the CCW 2024 Special Edition.

Critical Communications

Mansoor bin Mohammed Inaugurates Critical Communications World 2024

H.H. Sheikh Mansoor bin Mohammed bin Rashid Al Maktoum, Chairman of Dubai’s Supreme Committee of Crisis and Disaster Management, today opened Critical Communications World 2024, the critical communication sector’s leading global conference and exhibition running until May 16 in Dubai World Trade Centre.

The 2024 edition began with the traditional inauguration ceremony, led by H.H. Sheikh Mansoor bin Mohammed, who launched the proceedings. In the days that follow, CCW’s empowering platform will provide visitors with unique opportunities to engage with specialists from over 26 countries, including visionaries from the Middle East, Africa, Asia, Europe, and the US.

The Critical Communications Association (TCCA), the organiser of the annual industry showpiece, has cast an in-depth spotlight on precisely what visitors can expect over its three-day duration. Under the theme ‘Securing society and industry – Connection is the lifeline’, TCCA has promised an ‘unparalleled experience’ for all.

Kevin Graham, Chief Executive Officer, TCCA, said, “As the leading event in the critical communications sector, CCW is internationally renowned, revered, and respected for its outstanding track record in bringing professionals, organisations, and industry experts together to converge, collaborate, and innovate in the mission-critical communications realm. Now the biggest, most important edition yet has arrived, we’re naturally thrilled that the latest innovations and strategies that define the industry’s future are now being unveiled to the world. Without question, new foundations for transformative changes that enhance global safety and security are about to be solidified.”

As exhibitors display cutting-edge technologies, services, and solutions whilst leading live demonstrations and holding interactive sessions on a vibrant exhibition floor, the conference programme will feature keynote presentations, panel discussions, and interactive debates surrounding the latest innovations and trends unfolding throughout the sector. Amidst an intimate setting perfect for converging and networking, attendees can also enjoy focus forums and roundtable discussions with registration free online.

Advanced TETRA systems, mission-critical broadband, 5G, and MCX and network services are amongst the most relevant topics being examined. Device integration and multi-layered constellation will also be explored, as will the integration of AI and IoT in public safety and healthcare environments and the implementation of geospatial data systems and digital twins.

Furthermore, CCW presents a diverse and inclusive agenda with over 150 distinguished guests and representatives from leading companies like Airbus, AT&T, Ericsson, Motorola Solutions, Hytera and Professional Communications Corporation – Nedaa sharing their insights, experiences, and perspectives. This same agenda will encompass various sectors with emerging technologies in telecommunications, public safety, and city services set to be explored alongside smart solutions integration in policing and healthcare.

When asked why all those with a passion for the critical communications industry should attend, Graham added, “Not only is this edition of Critical Communications World a landmark event; it is destined to be a catalyst for driving critical communications into a vibrant new space in the years ahead. Everyone with a vested interest in this fascinating industry should not let the opportunity to be a part of such a significant occasion that will be remembered for many years to come pass them by. It’s going to be incredibly influential and an unparalleled experience for attendees and participants alike.”

As the essential hub for professionals within the critical communications field, CCW 2024 serves as a platform for industry leaders, policymakers, and technology innovators from around the globe. Live from Dubai’s world-renowned Central Business District, the event will foster new collaborations, ignite new conversations, and inspire the next revolutionary era in mission-critical communications technologies and services.

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.