SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Vectra AI launches Microsoft 365 posture management tool
Tue, 7th Jun 2022
FYI, this story is more than a year old

Vectra AI has launched Vectra Protect, a posture management tool designed to find and mitigate security risks in Microsoft 365.

Vectra AI's latest offering is the culmination of more than 50,000 hours of research and development.

It automates analysing a company's Microsoft 365 security posture, providing customised plans to implement and remediate risks.

Vectra AI is also extending a free sign-up for an Azure Active Directory scan until September 30, 2022, to ensure all businesses have access to this new offering, irrespective of security staffing or resources.

The company notes that more than 270 million people use Microsoft 365's collaboration tools, and with this uptake comes cyber attackers actively targeting access management tools such as Azure Active Directory to gain access to other SaaS tools and enterprise network assets.

Once inside, the attackers establish a foothold to carry out ransomware attacks, steal intellectual property and gain unauthorised access to sensitive user data.

“Events of the past two years have accelerated adoption of public clouds, because no company wanted to deal with the physical realm,” Vectra Asia-Pacific and Japan vice president David Sajoto says.

“This resulted in more emphasis on adopting SaaS applications and moving from on-prem Exchange servers to M365 became a ‘gold standard'.

“Essentially, businesses had their stationary defenses set up around their fortress, and then moved everything out of that fortress which created new risks.

Vectra Protect's scanning engine combines insights from the Microsoft 365 Graph API and PowerShell module data to provide a holistic view into the integrity of every identity in a company's Microsoft 365 environment.

Vectra Protect provides organisations with:

Quick, actionable remediation insights

Offering a multi-stage methodology, the scan offers businesses actionable results within hours and also creates a comprehensive risk mitigation map to refrain from slowing down security teams with additional alerts.
This provides a path to implementing changes with straightforward guidance on risk and operational impact.

Tailored cloud support

In line with an organisation's industry standards and regulatory requirements, Vectra Protect offers insight into the severity of vulnerabilities, material changes to their configuration state, the operational impact of the required solution, and the steps to take to remediate issues.

Configuration correction and compliance

The latest offering also explores in depth the configuration complexities of Microsoft 365, highlighting misconfigured areas and providing clear information to guide companies to complete risk resolution and give security teams evidence that their policies are effective and compliant.

Through these offerings, organisations can become more efficient in implementing and using SaaS tools such as Microsoft 365 by getting rid of default settings and aligning operations, information technology, security and audit teams on security priorities.

“Azure AD has become a large attack vector as cybercriminals look to exploit the lack of security controls and solutions currently available for the tool,” Vectra AI SaaS Protect chief technology officer Aaron Turner says.

“Organisations must understand that Microsoft's default security settings are not specifically tailored to their business operations or industry, which introduces waves of unnecessary risk.

“Combining this with the constant changes in [Microsoft 365], both internally and externally, leaves a host of potential vulnerabilities and configuration issues that organisations are responsible for correcting.

“Vectra Protect helps unravel this complexity to deliver the visibility and assurance organisations need to protect these essential business tools.

Valued at up to $50,000, the free Vectra Protect for Azure Active Directory scan will be readily available to any Microsoft 365 customer operating in any Microsoft 365 environment.

The scan focuses on access management in the active directory as this is a common foothold for unauthorised access and risk.