Tag: Network Threat Detection

Vectra: AI Threat Detection (Live Threat Detection)

Many industries are either in the prevent or in the forensic stage to resolve their threat. However, non are detecting active threats running in the enterprise. Thus, this will lead to huge implication to the enterprise.

vectra-logo-og

Vectra is an Artificial Intelligent (AI) Threat Detection and Response. How cool is that?

Vectra uses algorithm to detect threats, instead of using a Database of threats to identify threats in the network environment.

What does Vectra do ;

  1. Is that it always keeps tracks of packets following in and out of the premises
  2. Detects types of threat that is found on a packet
  3. Keep tracks of the packet threat stage
  4. Provide “From” and “To” details of the transmission of packets
  5. Alert the premises’s technical team about threat
  6. Allow premises’s technical team to determine what types of threat to detect on packets

2 types of flow of compromise of threats;

vectra1.png

  • Procedure steps threats
    • Go through number of stages to extract confidential data
  • Direct attack threats
    • Extract confidential data directly once compromise

These are the summarize definition of the image above (stages of threats);

Command & Control Botnet monetization Internal reconnaissance Lateral Movement Exfiltration
•C&C

•Cyber admin  coordinate an attack over time

 •Commonly associated with click fraud, sending spam or generating DDoS traffic at a target

Consume valuable resources

Damage the external reputation of the network

•Target is not an organization’s more critical assets

 •Vital part of a targeted attack

•Begins shortly after an initial infection

•Allow Cybercriminals orient an attack inside a network and identify targets for lateral movement

 •Establish multiple points of persistence in a network while moving deeper toward key assets Extract compromised data from inside a network to a remote external attacker

•Multiple hops or staging phases to evade security controls

Is good to know that there is a technology that could help enterprise to avoid threats attack first before being compromised.

Vectra detects Active Attacks;

v1

Below is a graph of how most organization focus on which phases more to protect their environment from threats,

v2.png

References:

  1. https://vectra.ai/understanding-todays-cyber-security-challenges