Press ReleaseArtificial IntelligenceCyber SafetyThreat Detection & Defense

Vectra AI Strengthens AI Platform vs Cyberattacks on Microsoft Customers

Vectra AI Is Adding AI-Powered Detections That Expose Attacker Behaviours Targeting Microsoft Azure Cloud Services and Microsoft Copilot

Vectra AI, Inc., the leader in Artificial Intelligence (AI)-driven XDR (extended detection and response), has announced the extension of the Vectra AI Platform to include comprehensive coverage for customers’ Microsoft Azure environments. With the addition of over 40 unique attacker behavior detections for Microsoft Azure, Vectra AI now delivers over 100 AI-driven attacker behavior detections.

Now, Microsoft customers achieve comprehensive hybrid and multi-cloud defence for their entire Microsoft environment – Microsoft Active Directory, Microsoft Entra ID, Microsoft M365, Microsoft Copilot for M365, and now Microsoft Azure.

According to the Microsoft Digital Defense Report 2024, Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks. The growing Microsoft attack surface, spanning on-premises data centers, network identities, cloud services, and various endpoints, presents increased vulnerabilities as more organizations adopt hybrid and multi-cloud environments.

Migration to Microsoft Entra ID, expansion to Azure, and the adoption of Microsoft Copilot for M365 contribute to a wider range of entry points for attackers, as evidenced by the hybrid attacks executed by threat actor groups like Midnight Blizzard and Scattered Spider.

Vectra AI Highlights the Need for Robust Security Measures

Vectra Managed Detection and Response (MDR) services report a sixfold increase in attacks on Microsoft E5 customers between June and October 2024, underscoring the need for robust security measures. To support security operations (SOC) teams, Vectra AI’s detections monitor over 40 attacker behaviours unique to Azure, and over 100 attacker behaviors spanning Azure, Active Directory, Microsoft Entra ID, Microsoft M365 and Microsoft Copilot for M365, delivering the most robust library of behaviour-based detection tools on the market.

“We consistently hear from CISOs that they want AI to help them identify real threats, connect the dots in real-time, and deliver accurate, integrated attack signal to the SOC. This is especially true for CISOs securing rapidly sprawling Microsoft environments,” says Hitesh Sheth CEO and founder of Vectra AI. “No one is better than Vectra AI at delivering integrated attack signal in real-time.”

The Vectra AI Platform provides the highest-fidelity signal using patented AI-driven Attack Signal Intelligence. Attack Signal Intelligence continuously learns customers’ Microsoft environments to automatically connect the dots on attacker behaviors spanning the organization’s cloud and network environment.

Armed with hybrid and multi-cloud Attack Signal Intelligence, Microsoft customers get the hybrid and multi-cloud attack coverage, signal clarity and intelligent control they need to reduce siloed tool complexity, remove operational latency, and maximize existing SOC time and talent.

“Vectra AI covers not only the basics, but with the detection models, it really looks at the identities traversing through Microsoft Azure and Office 365, and that gives us a complete picture,” said Fabian Heiz, CISO at Coop. “Vectra AI has been a good partner for the last eight years.”

“By expanding our coverage of the Microsoft ecosystem with AI detections for Azure and Copilot, we are demonstrating to SOC teams that our Attack Signal Intelligence is AI they can trust, providing a unique blend of advanced technology, contextual understanding, and automation that other threat detection tools cannot compete against,” added Jeff Reed, Chief Product Officer at Vectra AI.

To learn more about Vectra AI’s coverage of Microsoft Azure environments, please visit https://www.vectra.ai/platform/cloud/azure-coverage.

Learn more about how Vectra AI is setting the new agentless standard for extended detection and response (XDR) by visiting its blog and following it on LinkedIn and X.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *