Vectra AI has announced the release of Account Lockdown, the first NDR solution to confront enforcement based on prioritized, high fidelity attacker behaviours and surgical, identity-based enforcement action.
Existing security enforcement approaches are based on anomalies that create unmanageable volumes of noise. In fact, 42 percent of teams ignore a significant number of alerts because they can’t keep up with the volume. To make matters worse, a large percentage of these are false positives, which creates havoc on the infrastructure and hampers productivity when enforcement is taken on properly operating systems or accounts. Legacy Network Detection and Response paradigms continue to double down on this approach.
“Effective enforcement has to begin with visibility. You can’t fight what you can’t see. The more clarity you have, the more definitive your outcomes will be,” said Vectra CEO Hitesh Sheth. “Further, it’s been widely established by now that most modern cyberattacks target users instead of infrastructure or devices. Security teams should take a page out of the attacker playbook and enforce based on users instead of the network or devices.”
The Vectra platform generates prioritized signals that automatically identify behaviours rather than anomalies and ensures that analysts are spending their time and resources focused on the most important incidents. Account Lockdown takes this one step further, enabling automatic enforcement on these privilege-based, high fidelity signals.