Vectra AI announced that the Vectra Cognito platform
delivers key Zero Trust capabilities for Microsoft 365 and Microsoft Azure
customers. Vectra is uniquely positioned as an integral part of the model, which
assumes breaches by investigating the behavior of users, workloads, networks,
and devices as though they originate from an untrusted network. Vectra contributes
by leveraging its analytics and understanding of users and accounts, tracking
them between on-premises and cloud.

Since cloud applications and a mobile workforce have
redefined the security perimeter, and corporate resources and services now
often bypass on-premises, perimeter-based security models that rely on network
firewalls and VPNs have become obsolete. To address this, Microsoft developed
the Zero Trust Maturity Model to adapt to the complexities of modern environments
effectively. With the integration of the Vectra Cognito platform, customers
will have access to AI-powered threat detection to monitor and verify the
communications to their business-critical applications.

"The Vectra Cognito platform was developed on the idea that
standard, static security measures like firewalls, NAC, and VPNs were not
enough to protect the modern enterprise," said Randy Schirman, Vectra Vice
President of Partnerships. "With the hybrid remote work model effectively
rendering traditional security measures obsolete, we are completely aligned
with the Microsoft Zero Trust Model approach."

The Vectra Cognito Platform uses AI to efficiently find and prioritize hidden attacks
in real-time inside Microsoft 365, Azure Active Directory (AD), cloud,
data center, IoT, and enterprise networks before attackers cause irreparable
harm to the organization. The platform allows security teams to prevent attacks
earlier in the kill chain, ensuring that applications essential to business continuity
are available and accessible for the entire extended workforce. Vectra will
help deliver visibility and analytics on the Zero Trust framework's three
guiding principles:
- Verify explicitly. Always authenticate and authorize based on all available
  data points, including user identity, location, device health, service or
  workload, data classification, and anomalies.
- Use least privileged access. Limit user access with Just-in-Time and
  Just-Enough-Access (JIT/JEA), risk-based adaptive policies, and data
  protection to protect both data and productivity.
- Assume breach. Minimize blast radius for breaches and prevent lateral
  movement by segmenting access by network, user, devices, and application
  awareness. Verify all sessions are encrypted end to end. Use analytics to get
  visibility, drive threat detection, and improve defenses.

"Threat detection and response that accurately detects
network anomalies and account takeover by monitoring user and machine behavior
is a core capability for Zero Trust," said Desmond Forbes, Senior Director
of Business Development at Microsoft. "Vectra provides customers with
visibility into their hybrid cloud environments, the accounts used, and integrates
that information with Microsoft Defender for Endpoint and
Azure Sentinel to meet our joint customers' Zero Trust objectives."

To learn more about this integration, please visit:
https://www.vectra.ai/partners/microsoft