www.vectra.ai
52.17.119.105
Public Scan
Submitted URL: https://email.vectra.ai/e3t/Ctc/I8+113/d2zHvP04/MX9gzGvDtl6W5Q1Ynw4xpwlzW76My9755fmBGN8JCsFl3dh8MW8wLKSR6lZ3lZW8ZrbjK60J...
Effective URL: https://www.vectra.ai/blog/the-defenders-dilemma-the-need-for-time-tools-that-build-skills-and-expertise?utm_medium=em...
Submission: On November 03 via api from ES — Scanned from ES
Form analysis
1 forms found in the DOM/search
<form action="/search" class="l-menu__search w-form" style="display: none; width: 0px;" __bizdiag="107944136" __biza="WJ__" data-hs-cf-bound="true"><input type="search" maxlength="256" name="query" placeholder="Search" required=""
class="search-input w-input"><input type="submit" value="Search" class="search-button w-button">
<div data-w-id="7a64a142-e9d6-8fa1-e1e0-918d763dcc31" class="search-exit"></div>
</form>
Text Content
Cybersecurity

THE DEFENDERS’ DILEMMA - THE NEED FOR TIME & TOOLS THAT BUILD SKILLS AND EXPERTISE

October 17, 2023
Mark Wojtasiak
Vice President of Product Marketing

At Vectra AI we believe in the importance of security testing – it is one of the best ways to improve defenders’ skills and expertise and build confidence that ongoing security investments continue to provide ROI. Core to this endeavor is empowering defenders by making effective security testing easier, more effective, and more accessible when it comes to exposing risk, prioritizing mitigations, and increasing safety.
That’s why we invest so heavily in our own teams to not only build and share their expertise but also develop and contribute tooling to the broader defender community.

“Everyone has security testing going on around the clock; you just aren’t always notified ahead of time, nor will you always receive the report.”

This tongue-in-cheek sentiment in the security community typically underscores that there is always someone probing the attack surface of the enterprise – the obvious preference is that it is the defenders who in turn use that knowledge to harden and mitigate risk. The unfortunate reality is that defenders face barriers to performing internal security testing, ranging from time, to skills, to tooling, to the underlying costs of the activity. This is a problem that requires a community solution – and we are proud to be part of a community that continues to invest in our defenders.

To that end, we are highlighting three projects driven by our Vectra AI team members that we are proud to offer our defender community:

* MAAD-AF
* ./HAVOC
* The DeRF

MAAD-AF

The Microsoft 365 & AzureAD - Attack Framework (MAAD-AF) is an open-source cloud attack tool developed for testing the security of Microsoft 365 & Azure AD environments through adversary emulation. MAAD-AF provides security practitioners with easy-to-execute attack modules that exploit M365/AzureAD tools & services to emulate attacker TTPs in the cloud. MAAD-AF is designed to make cloud security testing simple, fast and effective. Through its virtually no-setup requirement and easy interactive modules, security teams can test their security controls and detection & response capabilities easily and swiftly.

https://github.com/vectra-ai-research/MAAD-AF/tree/main

./HAVOC

./HAVOC is an open-source Adversary Emulation as Code platform and framework.
The platform provides capabilities that purple-teamers will love such as containerized infrastructure, supporting services that include load-balancers with CA-signed certificates to neatly obscure your C2 traffic behind, and cloud-native features like triggers for executing commands in response to an action, and pre-signed URLs for securely downloading and uploading files. A playbook operator allows for autonomous execution of playbooks that carry out full kill-chain adversary operations like recon, lateral movement, and exfiltration.

https://havoc.sh

THE DERF

The DeRF (Detection Replay Framework) is an "Attacks-as-a-Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Use the DeRF to simulate attacker behavior, exercise detection portfolios and validate restrictive controls in the cloud.

https://thederf.cloud

Whether you’re an incident handler, a threat-hunter, a red teamer, or somewhere in-between – we value your partnership, we’re open to your feedback, and we’re eternally grateful to be members of the larger defender community solving this problem together. After all, defense is a team sport.

Happy hunting!

WANT TO LEARN MORE?

Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.