Vectra technology deployed to assess cyber threats at a premium GCC aluminium producer

News Desk

One of the GCC’s premium aluminium producers is using Vectra and its technologies to assess and find real attacks and their progression throughout the cyber kill chain, and to investigate them quickly so that an attack is stopped before it becomes a breach. The proactive approach, along with a major reduction in false positives, helps one security analyst to manage entire SOC operations for the company.

A spokesperson from the aluminium producer said, “When it comes to protecting against attacks, the key challenge we faced was visibility — silos and isolated networks exist across the environment, and it was difficult to control it completely.”

The spokesperson added, “We also struggled with alert fatigue — we used to have a SIEM and antivirus solutions and we would get a lot of alerts, which meant our SOC analysts had to manually analyze and prioritize the alerts. And finally, our security solutions, be it the SOAR and EDR solutions, firewalls or IPSs, are all reactive which meant that by the time we received a trigger, it was already too late and the attacker was in our network.”

The Vectra platform, underpinned by the company’s ground-breaking Attack Signal Intelligence technology, has allowed the aluminium producer’s security team to move from a reactive to a more proactive approach to cybersecurity and pick up on threats before they have had a chance to materialize into something malicious.

Vectra Attack Signal Intelligence continuously and automatically monitors for attacker tactics with a collection of Security AI models programmed with knowledge of attacker TTPs, in contrast to systems that use AI for anomaly detection and need human tuning and maintenance. The results pass through another layer of AI that automatically surfaces and prioritises risks based on severity and impact by fusing knowledge about the organization’s environment with threat models and human threat intelligence.

“The biggest advantage of the Vectra solution is the anomaly detection because it’s not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well,” added the spokesperson at the aluminium producer.

As a result, the aluminium producer can detect up to 90% of threats at the very beginning while lowering the percentage of false positives to just 1%. The company’s entire SOC operations can now be managed by a single security analyst.

Taj El-Khayat, Managing Director for EMEA South at Vectra AI, said, “Today, security teams are over-stretched and suffer burnout. They are stuck in a vicious cycle of having to manually maintain detection rules, triage alerts, and figure out what alerts to prioritise. Compounding these challenges is the fact that today, the biggest threat facing organizations in the region is the unknown compromise. These are precisely the challenges that the aluminium producer was facing and why they selected Vectra to underpin their SOC.”

He added, “I am confident that with Vectra, the company’s security professionals will no longer have to worry about detecting and prioritizing threats and can instead devote their time to doing what they do best — investigating and responding to real attacks.”
