Vectra AI adds AI-powered detections that expose attacker behaviors
Vectra AI, Inc. have announced the extension of the Vectra AI Platform to include comprehensive coverage for customers’ Microsoft Azure environments. With the addition of over 40 unique attacker behaviour detections for Microsoft Azure, Vectra AI now delivers over 100 AI-driven attacker behaviour detections. Now, Microsoft customers achieve comprehensive hybrid and multi-cloud defence for their entire Microsoft environment – Microsoft Active Directory, Microsoft Entra ID, Microsoft M365, Microsoft Copilot for M365 and now Microsoft Azure.
According to the Microsoft Digital Defense Report 2024, Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks. The growing Microsoft attack surface, spanning on-premises data centres, network identities, cloud services, and various endpoints, presents increased vulnerabilities as more organisations adopt hybrid and multi-cloud environments. Migration to Microsoft Entra ID, expansion to Azure, and the adoption of Microsoft Copilot for M365 contribute to a wider range of entry points for attackers, as evidenced by the hybrid attacks executed by threat actor groups like Midnight Blizzard and Scattered Spider.
Vectra Managed Detection and Response (MDR) services report a sixfold increase in attacks on Microsoft E5 customers between June and October 2024, underscoring the need for robust security measures. To support security operations (SOC) teams, Vectra AI’s detections monitor over 40 attacker behaviours unique to Azure, and over 100 attacker behaviours spanning Azure, Active Directory, Microsoft Entra ID, Microsoft M365 and Microsoft Copilot for M365, delivering the most robust library of behaviour-based detection tools on the market.
“We consistently hear from CISOs that they want AI to help them identify real threats, connect the dots in real-time, and deliver accurate, integrated attack signal to the SOC. This is especially true for CISOs securing rapidly sprawling Microsoft environments,” said Hitesh Sheth (pictured), Founder and CEO of Vectra AI. “No one is better than Vectra AI at delivering integrated attack signal in real-time.”
The Vectra AI Platform provides the highest-fidelity signal using patented AI-driven Attack Signal Intelligence. Attack Signal Intelligence continuously learns customers’ Microsoft environments to automatically connect the dots on attacker behaviours spanning the organisation’s cloud and network environment. Armed with hybrid and multi-cloud Attack Signal Intelligence, Microsoft customers get the hybrid and multi-cloud attack coverage, signal clarity and intelligent control they need to reduce siloed tool complexity, remove operational latency, and maximise existing SOC time and talent.
“Vectra AI covers not only the basics, but with the detection models, it really looks at the identities traversing through Microsoft Azure and Office 365, and that gives us a complete picture,” said Fabian Heiz, CISO of Coop. “Vectra AI has been a good partner for the last eight years.”
“By expanding our coverage of the Microsoft ecosystem with AI detections for Azure and Copilot, we are demonstrating to SOC teams that our Attack Signal Intelligence is AI they can trust, providing a unique blend of advanced technology, contextual understanding, and automation that other threat detection tools cannot compete against,” said Jeff Reed, Chief Product Officer of Vectra AI.