Vectra AI has announced that there is a major security gap that is obvious, important and urgent: the ability to know if privileged accounts and services are compromised. It is continuing proof that traditional access-based approaches that rely on one-time security gating decisions or predefined lists of privileged identities continue to fail.
Published in the Vectra 2020 RSA Conference Edition of the Attacker Behavior Industry Report and Spotlight Report on Privilege Access Analytics Report, the findings provide a first-hand analysis of active and persistent attacker behaviors from more than five million workloads and devices from customer cloud, data center and enterprise environments.
Key findings from the 2020 RSA Conference Edition of the Attacker Behavior Industry Report and Spotlight Report on Privilege Access Analytics :
Notably, the reports highlight the importance of privileged access as a key part of lateral movement in cyber-attacks. Adversaries leverage privileged accounts to gain unauthorized access to the most critical assets that an organization relies on. It underscores the importance of continuous monitoring of user accounts, services and hosts once they gain access to and operate on the network so that security teams have the right information to take quick action against the malicious use of privilege across cloud and hybrid environments.
“The observations from this report reinforce the importance of visibility into privileged access and other attacker behaviors,” said Chris Morales, Head of Security Analytics at Vectra. “Combining data sources in the cloud with network data can stitch together a powerful combination of information that increases the likelihood of detecting and prioritizing post-compromise activities before a catastrophic breach occurs.”