Vectra Extends Cloud Identity Detection with Microsoft Azure AD

Vectra AI, a provider of network detection and response (NDR), announced enhanced cloud identity detection capabilities using Azure AD within its Cognito Detect for Office 365. By integrating at the identity layer, Vectra gives complete “cloud-to-ground” security coverage over an organization’s entire SaaS ecosystem, said the company. This single configuration effectively puts an end to lateral movement between ground and cloud.

In the rapidly adopted remote work environment, data is stored and distributed across countless cloud applications.  For many organizations, Azure AD holds the keys to the kingdom because it is leveraged for federated authentication to their SaaS applications. The adoption of Azure AD reached 425 million active users by the end of 2020 and last month Microsoft reported a 50 percent increase in Azure sales in its second fiscal quarter of 2021. This means that compromising a single Azure AD account can give an attacker access to a vast trove of data housed across multiple SaaS applications. With the Vectra extended support for Azure AD, Cognito Detect for Office 365 fills an unanswered security gap by drastically reducing the consequences of a large-scale supply chain breach while offering a simple and comprehensive way to secure users’ cloud identities.

“Organizations must be able to see and stop attacks that have circumvented preventative controls, including multifactor authentication (MFA), to gain access to their network and data. This starts with monitoring account usage for attack behavior and intent,” said John Mancini, Sr. Product Manager. “By using artificial intelligence to analyze how accounts are being used, we find attack behaviors in Azure AD to detect and stop account takeovers before an attack can compromise SaaS applications.”

The Vectra NDR solution offers universal control over data and identities to meet growing privacy and compliance concerns. Other security solutions require configuration on a per-app basis for security coverage, which is too cumbersome and time-consuming to benefit organizations in the long-run or in the throes of a breach. Vectra integrates directly with Azure AD, giving full coverage of all federated SaaS applications and stopping attackers earlier in the kill chain.