SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft partners with Vectra AI on Zero Trust security framework
Thu, 22nd Jul 2021
FYI, this story is more than a year old

Microsoft has partnered with Vectra AI on its Zero Trust security framework.

Vectra AI has announced the Vectra Cognito platform will deliver key Zero Trust capabilities for Microsoft 365 and Microsoft Azure customers. The company says it's uniquely positioned as an integral part of the model, which assumes breaches by investigating the behaviour of users, workloads, networks, and devices as though they originate from an untrusted network.

Cloud applications and a mobile workforce have redefined the security perimeter, and corporate resources and services often bypass on-premise, perimeter-based security models, while relying on obsolete network firewalls and VPNs.

Attempting to address this, Microsoft developed the Zero Trust Maturity Model to adapt to the complexities of modern environments. With the integration of the Vectra Cognito platform, customers will have access to AI-powered threat detection to monitor and verify the communications within business-critical applications.

“Vectra Cognito platform was developed on the idea that standard, static security measures like firewalls, NAC, and VPNs were not enough to protect the modern enterprise,” says Vectra VP of partnerships, Randy Schirman.

“With the hybrid remote work model effectively rendering traditional security measures obsolete, we are completely aligned with the Microsoft Zero Trust Model approach.

The Vectra Cognito Platform uses AI to find and prioritise hidden attacks in real-time, inside Microsoft Office 365, Azure Active Directory, cloud, data center, IoT, and enterprise networks before attackers irreparably harm the organisation.

“Over the past 12 months, our customers in ANZ have been accelerating their adoption of cloud and hybrid remote working models,” says Vectra AI country manager ANZ, Tony Bauman.

“This forces them to completely alter their security approach to address the increased cyber threat within these environments. We're pleased to be working with Microsoft to provide the key capabilities of a Zero Trust security framework and provide our customers with the visibility they need in their hybrid and cloud environments, as well as meeting their organisation's security objectives.

The platform allows security teams to prevent attacks earlier in the kill chain, which Vectra says will ensure business continuity applications are available and accessible for the entire extended workforce.

According to Vectra, the platform will help deliver visibility and analytics on the Zero Trust framework's three guiding principles:

  • Verify explicitly. Always authenticate and authorise based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies.
  • Use the least privileged access. Limit user access with Just-in-Time and Just-Enough (JIT/JEA), risk-based adaptive policies, and data protection to protect both data-based adaptive policies and data protection.
  • Assume breach. Minimise blast radius for breaches and prevent lateral movement by segmenting access by network, user, devices, and application awareness. Verify all sessions are encrypted end to end. Use analytics to get visibility, drive threat detection, and improve defences.

“Threat detection and response that accurately detects network anomalies and account takeover by monitoring user and machine behaviour is a core capability for Zero Trust,” says Microsoft senior director of business development, Desmond Forbes.

“Vectra provides customers with visibility into their hybrid cloud environments, the accounts used, and integrates that information with Microsoft Defender for Endpoint and Azure Sentinel to meet our joint customers' Zero Trust objectives.