Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Cado Security Launches Collection and Analysis Support of SaaS Environments

March 2024 by Marc Jacob

Cado Security announced that the Cado platform now enables customers to acquire Microsoft 365 Unified Audit Log (UAL) to help investigate and respond to Microsoft 365 compromises such as business email compromise (BEC), account takeover (ATO), and insider threats. With this new feature, security teams can seamlessly analyse UAL logs alongside other critical sources captured across on-prem and cloud environments.

Since organisations heavily rely on email for transfer-of-fund requests, BEC is one of the most common and expensive threats to organizations. Attackers employ tactics such as email spoofing and phishing attacks to take over legitimate email accounts and conduct unauthorised money transfers. According to the FBI, BEC cost organisations over $50 billion worldwide between 2013 and 2022.

With Cado’s new feature, customers can automatically import Microsoft 365 Unified Audit Log (UAL) by timeframe, user, IP, or workload so that security teams can rapidly investigate and respond to potential M365 threats and gain a deeper understanding of scope and impact using the Cado Security platform. By investigating UAL events alongside other events, such as forensic artifacts of an affected user’s workstation in a central platform, security teams can rapidly identify the incident’s root cause, whether from a phishing attack or malware infection.

The Cado platform enables organisations to perform rapid incident response with the following key capabilities:

• Single-Click data capture:
• Cado enables fully automated or single-click evidence collection across cloud, on-premises, and SaaS environments.

• Parallel Processing:
• The Cado platform’s patented cloud-native architecture enables hundreds of data formats to be normalised in minutes.

• Automated Investigations:
• (i)
• Cado AI Investigator,
• powered by Cado’s local LLM, delivers a high-level summary of an incident and automatically analyses potentially malicious files;
• (ii) Automated timeline & root cause analysis,
• the Cado platform automatically pulls together an entire timeline of events to accelerate path to root cause and remediation;
• and (iii) Proprietary and third-party threat intelligence
• is leveraged to automatically flag malicious and suspicious activity so that security teams can quickly pivot their investigation
• based on critical events.

• Single Pane of Glass:
• Organisations can better understand the impact of threats with complete visibility across their entire ecosystem. Cado can seamlessly
• analyse SaaS, cloud, container, serverless, and on-premises assets in a single platform.

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts