Cyber risk is becoming an escalating concern for organizations around the world, and Office 365 data breaches are at the forefront. Even with the rising adoption of incremental security approaches like multi-factor authentication, access controls continue to be circumvented. In fact, 40% of organizations suffer from Office 365 account takeovers. As these data breaches make headlines with growing consistency, the resulting financial and reputational costs mount.
It is far too easy for an attacker to manipulate human behavior and gain high privilege access to business-critical SaaS resources. According to Microsoft’s Q3 FY19 earnings call, there are more than 180 million monthly users on Office 365. With so many users, 100% cyber hygiene becomes impossible. To make matters worse, teams continue to struggle to keep up with weekly vendor-driven configuration changes and new best practices. And once an initial foothold is gained in a SaaS application, it is just a matter of time before they laterally move and cross into other parts of the infrastructure.
Against this backdrop, a massive number of alerts are flooding Security Operations Centers (SOCs), forcing analysts to spend time manually analyzing and prioritizing which ones deserve attention. This is overwhelming security analysts’ time and organizations’ security budgets. As threat actors become more efficient at dodging and targeting the enterprise, most analysts simply can’t keep up.
“Attackers will follow a path of least resistance and the convergence of these elements makes exploiting the cloud easy for them. In no other construct is it fair to expect a person, or security team, to be correct 100% of the time. This is an unacceptable expectation and entirely unfair to security teams,” said Vectra CEO Hitesh Sheth. “The last thing we want is to create more work for security teams. What is needed is technology that removes the dependency on human behavior and human error and brings control back to the security team. This is what Vectra can provide.”
Credential abuse is the leading attack vector in SaaS, especially for Office 365. In an effort to help organizations securely and successfully protect their applications, Vectra AI, the leader in network threat detection and response (NDR), is announcing the launch of Cognito Detect for Office 365. Backed by new detection models focused on credentials and privilege in SaaS applications, Vectra expands cloud coverage from Infrastructure-as-a-Service (IaaS) and extends the ability to track attacker activity pivoting between on-premise, data center, IaaS and SaaS. Given that attackers don’t operate in silos, a security solution shouldn’t either. Vectra delivers the complete visibility across your deployment footprint that leaves attackers without a place to hide.
“Prevention technology has long been available and continues to evolve, however, it doesn’t guarantee that data is safe. The real growth has been in detection and response capabilities, which have been long missing from most organizations’ resources,” continued Sheth. “We are the first and only NDR to apply privilege-based detections in SaaS applications. Our AI-driven solution seamlessly ties into your existing Office 365 deployment, and detects privilege-based attacker behaviors, giving you full visibility into your SaaS deployments. We continue to be at the forefront of security by detecting privilege abuse behaviors across the entire lifecycle of an attack in the cloud.”