Vectra Empowers Organisations to Detect and Stop Office 365 Breaches
February 2020 by Vectra
Cyber risk is becoming an escalating concern for organisations around the world, and Office 365 data breaches are at the forefront. Even with the rising adoption of incremental security approaches like multi-factor authentication, access controls continue to be circumvented. In fact, 40% of organizations suffer from Office 365 account takeovers. As these data breaches make headlines with growing consistency, the resulting financial and reputational costs mount.
It is far too easy for an attacker to manipulate human behavior and gain high privilege access to business-critical SaaS resources. According to Microsoft’s Q3 FY19 earnings call, there are more than 180 million monthly users on Office 365. With so many users, 100% cyber hygiene becomes impossible. To make matters worse, teams continue to struggle to keep up with weekly vendor-driven configuration changes and new best practices. And once an initial foothold is gained in a SaaS application, it is just a matter of time before they laterally move and cross into other parts of the infrastructure.
Against this backdrop, a massive number of alerts are flooding Security Operations Centers (SOCs), forcing analysts to spend time manually analyzing and prioritizing which ones deserve attention. This is overwhelming security analysts’ time and organizations’ security budgets. As threat actors become more efficient at dodging and targeting the enterprise, most analysts simply can’t keep up.
Credential abuse is the leading attack vector in SaaS, especially for Office 365. In an effort to help organisations securely and successfully protect their applications, Vectra AI, the specialize in network threat detection and response (NDR), is announcing the launch of Cognito Detect for Office 365. Backed by new detection models focused on credentials and privilege in SaaS applications, Vectra expands cloud coverage from Infrastructure-as-a-Service (IaaS) and extends the ability to track attacker activity pivoting between on-premise, data center, IaaS and SaaS. Given that attackers don’t operate in silos, a security solution shouldn’t either. Vectra delivers the complete visibility across your deployment footprint that leaves attackers without a place to hide.