Hi Hitesh. Could you tell us about your journey and how you arrived at Vectra?
- Breaches were going to be the norm
- Perimeter technologies like firewalls were rapidly going to be relegated to irrelevance
- Signature-based systems were ineffective
- Vendors had become accustomed to torturing customers with complex security solutions that were barely usable.
Given this confluence of factors, the opportunity to apply Artificial Intelligence (AI) to dramatically innovate how we could detect and respond to advanced attacks (the new norm) created an incredible opportunity to build a next-generation security company, which directly led to the creation of Vectra.
Digital Transformation is a core Enterprise operation. Basic, yet, it’s the toughest. What are the unique challenges that you mitigate for your customers?
Digital Transformation can become a task rife with complexities and it is no surprise that security risks become a byproduct of that. We mitigate that risk.
Effective Network Detection and Response (NDR) provides visibility that simplifies complexity, replacing it with the confidence that a customer’s security capabilities will enable, not inhibit, their journey – legacy methods disproportionately focused on prevention are brittle and frankly designed in such a way that makes this journey needlessly costly and difficult. Modern security built on detection and visibility removes risk and uncertainty.
What are the business challenges that Vectra solves?
Vectra uses AI to hunt for hidden cyberthreats that have defeated traditional security measures and are active inside Enterprise Networks and Cloud Computing environments. Vectra Cognito is agnostic of device, operating system and users, and can monitor any entity communicating across Enterprise Networks or in the Cloud. Think of Vectra Cognito as a Cybersecurity Analyst in software.
The sheer volume and frequency of cyberattacks make it impossible for Security Analysts to use manual threat analysis to keep up with the rapidly changing threat landscape. AI innovations now make it possible to automate previously-manual security operations. The benefits of automation that we provide are significant for security operations teams:
- Respond faster to stop in-progress attacks that pose a significant risk
- More time to conduct in-depth threat investigations
- Combine multiple threat events into a single incident to investigate instead of manually sifting through volumes of unrelated security alerts
- Unique context shows where attackers are and what they are doing
- Make intelligent decisions to continually strengthen security posture
Tell us how Vectra Cognito benefits SaaS customers. Why should potential customers choose Vectra?
Credential abuse is the leading attack vector in SaaS, especially for Office 365. We recently announced the launch of Cognito Detect for Office 365 which is backed by new detection models focused on credentials and privilege in SaaS applications. This expanded our Cloud coverage from Infrastructure-as-a-Service (IaaS) and extended the ability to track attacker activity pivoting between on-premise, data center, IaaS, and SaaS.
At Vectra, we believe that because attackers don’t operate in silos, a security solution shouldn’t either. We deliver complete visibility across your deployment footprint that leaves attackers without a place to hide. We are the first and only NDR solution available today which applies privilege-based detections in SaaS applications.
We provide innovative AI-powered cybersecurity solutions to enterprises around the world.
We know about the various Data Science applications merged with Cloud Computing. Could you tell us how you bring these together at Vectra?
At its core, the fusion of Data Science provides insight at scale, and Cloud Computing enables operation at scale. These are two key pillars of our platform and services. It is with this scale in mind that we internally train and develop the models we ship to protect our customers as well as our ability to scale to meet the massive demands of our large enterprise customers.
Unlike Intrusion Detection and Prevention Systems (IDPS) that attackers can easily evade, Vectra does not use signatures to block known threats. Instead, Vectra combines Data Science, modern Machine Learning techniques, and Behavioral Analytics to detect the immutable behaviors that cybercriminals must perform when they carry out an attack.
Tell us more about the business side of Data Science. For example: Turning AI into a service, or training Big Data teams, to build security platforms?
In a business context, Data Science techniques allow us to make actionable insights into what otherwise may have been an overwhelming amount of data. However, it isn’t a complete substitute for domain expertise. In our case, Vectra’s extensive threat research and security expertise provide the foundation upon which our Data Science is built.
For example, just finding anomalies in a dataset is relatively trivial, but bounding the problem space in such a way that those anomalies tell an insightful narrative as the basis for decision making is a powerful business enabler.
We all know the importance of digitally transforming the remote workforce. What are the various types of security threats that particularly impact remote workers?
Much time has been spent acknowledging that remote workers will be farther removed from traditional enterprise security, and less likely to be working in a well-managed, secured environment. Still, it is important that security evolves with remote staff to continue to enable the availability of the data and services that they consume, and limits disruption only to malicious, unauthorized actors. Without effective visibility into these services, an enterprise, unfortunately, accepts more bad actors, more disruption to users, or both.
With so many employees working remotely, these changes directly impact a company’s attack surface as hackers exploit home networks that are generally not secure. In response, security companies leveraging AI need to not only help the IT organizations in the companies but also provide best practices for individuals, particularly those in healthcare who are not tied to large corporations and therefore lack access to best practices.
During the COVID-19 pandemic, organizations of all sizes need to remember that there is a major difference between “help” and “free.” Both public and private companies are dealing with a whirlwind of challenges, and providing free time trials for complex security solutions is not going to alleviate the strain on the global workforce.
During this period, all cybersecurity vendors must come together and offer our time, not just our product, to less cyber-savvy industries. This includes SMBs all the way up to large scale enterprises. This will ensure experts are available to easily provide product mitigation, customer service, license extensions, and, most importantly, best practices.
How can companies protect their identity in the case of cyber-attacks?
Cyber risk continues to be widespread as security teams struggle with alert fatigue and degrading efficiency as they attempt to keep pace with the high volume, undiscriminating signals that steal time and energy from threat mitigation. To compound the issue, even when high priority signals can be surfaced, organizations lack the tools to precisely take action against ongoing attacks.
Effective enforcement has to begin with visibility. Frankly, you can’t fight what you can’t see. The more clarity you have, the more definitive your outcomes will be. The Vectra Cognito platform generates prioritized signals that automatically identify behaviors rather than anomalies and ensures that analysts are spending their time and resources focused on the most important incidents. Our Account Lockdown takes this one step further, enabling automatic enforcement on these privilege-based, high fidelity signals.
Hear it from the expert: Do you think security measures actually impact agility benchmarks? If yes, how?
Security measures absolutely impact enterprise agility benchmarks. Modern approaches, like Vectra, enable enterprise agility through visibility into intelligently managing risk and reducing costs, while legacy approaches focused exclusively on locking down the enterprise inevitably collide with the need for business agility – disrupting business objectives, increasing costs, even as they’ve been shown to be ineffective against modern adversaries.
The modern enterprise recognizes that security that enables agility gives it the confidence to move forward towards its objectives with reduced operational costs and risks.
Tag a person from the industry whose answers you would like to see here.
Tim McAdam, General Partner at TCV.
Thank you, Hitesh! That was fun and we hope to see you back on AiThority.com soon.
Hitesh Sheth is the President and CEO of Vectra. Previously, he held the position of Chief Operating Officer at Aruba Networks. Hitesh joined Aruba from Juniper Networks, where he was EVP/GM for its switching business and before that, SVP for the Service Layer Technologies group, which included security.
Prior to Juniper, Hitesh held a number of senior management positions at Cisco. Before Cisco, he held executive and engineering management positions at Liberate Technologies and Oracle Corporation. Hitesh started his career as a Unix programmer at the Santa Cruz Operation. He holds a BA degree in Computer Science from the University of Texas at Austin.
Vectra is the leader in AI-based network detection and response (NDR) solution for cloud, SaaS, data center and enterprise infrastructures in real time, while empowering security analysts to perform conclusive incident investigations and AI-assisted threat hunting. Comprehensive cyberattack detection and response is mandatory in today’s hostile data environments, and the stakes have never been higher. No other company comes close to Vectra in proactively hunting down cyber-attackers and reducing business risk. Our core team consists of threat researchers, white hats, data scientists, network security engineers, and UI designers. We constantly push the boundaries of what’s possible to drive the next generation of security.