Tuesday, 25th February 2020

Strengthening the enforcement of zero trust

New Privileged Access Analytics drives visibility into privileged entities and detects malicious interactions to mitigate the single biggest threat to critical data.

Vectra says that Privileged Access Analytics (PAA) are available with the Cognito platform to monitor the interactions between user accounts, services and hosts, and provide continuous visibility and assessment of privileges required to enforce zero trust.

A traditional access-based approach to zero trust relies on one-time security gating decisions that use a predefined list of privileged identities. This approach is fundamentally flawed when cyberattackers steal credentialed access or have escalated privileges.

“We must have visibility into what the entity – the user, the executable, the device, the network connection and so on – is doing once it gains access,” according to Neil MacDonald, Gartner distinguished VP analyst and author of the Seven Imperatives to Adopt a CARTA Strategic Approach report. “How is it behaving? Does the entity or its behaviors represent excessive risk? If so, then we should have the ability to detect this, confirm that it is real, prioritize it and take action.”

With PAA, the Cognito platform continuously monitors the behaviors of user accounts, services and hosts once they gain access to and operate on the network. As a result, Cognito delivers both a continuous real-time assessment of their privilege levels by scoring their behaviors for threat and certainty, and a risk-level prioritization for them. This empowers security teams with the right information to take quick action against the malicious use of privilege across cloud and hybrid environments.

“The real-time assessment of trust is performed by continuously observing the behavior of user accounts, services and hosts on the network,” said Dr. Jacob Sendowski, director of product management at Vectra. “Now, when privileged credentials are compromised and abused, the new suite of Cognito PAA detection models are able to uniquely determine the malicious use of privilege in real-time.”

“Privileged Access Analytics gives me continuous visibility into the accounts, services and hosts that are most valuable to me,” said Milos Pesic, cyber security specialist at ED&F Man Holdings Ltd., an employee-owned agricultural commodities merchant with 7,000 people in 60 countries. “We can easily scrutinize the behaviors on each to see if they represent a significant risk to our organization. This has significantly decreased our time to investigate from minutes to seconds.”

The third annual Verizon Mobile Security Index takes a deep dive into the state of mobile security,...
The UK organisations face the biggest challenges at the data storage stage of the data lifecycle; mo...
FireMon has released its 2020 State of Hybrid Cloud Security Report, the annual benchmark of the clo...
McAfee, the device-to-cloud cybersecurity company, has introduced partner program innovations, eight...
Two 4SECURail teams aim to design a Computer Security Incident Response Team (CSIRT) for joint EU-Ra...
EU-funded scientists have developed encryption chips that use quantum physics to make the internet ‘...
Juniper delivers on the benefits of a Threat-Aware Network by securing more traffic, in more areas o...
Venafi sponsored report by AIR Worldwide reveals large companies will see the highest proportion of...