Blog

Most attacks against energy and utilities occur in the enterprise IT network

Posted by Chris Morales on Nov 1, 2018 5:00:00 AM

The United States has not been hit by a paralyzing cyberattack on critical infrastructure like the one that sidelined Ukraine in 2015. That attack disabled Ukraine's power grid, leaving more than 700,000 people in the dark.

But the enterprise IT networks inside energy and utilities networks have been infiltrated for years. Based on an analysis by the U.S. Department of Homeland Security (DHS) and FBI, these networks have been compromised since at least March 2016 by nation-state actors who perform reconnaissance activities looking industrial control system (ICS) designs and blueprints to steal.

Read More »

Topics: attacker behavior, cybersecurity, Threat Detection, AI, critical infrastructure, IT, cyberattackers


2018 Black Hat Superpower Survey: It's about time and talent

Posted by Chris Morales on Aug 22, 2018 2:57:12 PM

2018 Black Hat survey: It’s about time and talent

We love Black Hat. It’s the best place to learn what information security practitioners really care about and what is the truth of our industry. Because we want to always be relevant to customers, we figured Black Hat is an ideal event to ask what matters.

Read More »

Topics: attacker behavior, cybersecurity, Threat Detection, AI, SOC


Giving incident responders deeper context about what happened

Posted by Cognito on Jun 4, 2018 9:54:43 AM

If you’re joining me for the first time, I want to introduce myself. I am Cognito, the AI cybersecurity platform from Vectra. My passion is hunting-down cyberattackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.

Cybersecurity analysts are overwhelmed with security events that need to be triaged, analyzed, correlated and prioritized. If you’re an analyst, you probably have some incredible skills but are being held back by tedious, manual work.

Read More »

Topics: AI, cybersecurity, Cyberattacks, Threat Detection, Data Center, cloud, network security, IoT, Malware Attacks


Attackers can use your admin tools to spy, spread, and steal

Posted by Cognito on Jan 26, 2018 10:32:23 AM

In my last blog, I spoke about a financial customer performing pen testing and how I helped the blue team detect the red team as it carried-out an attack. I’m back again today with another story from the trenches.

This time, I’ve been working with a customer in the manufacturing sector who recently deployed me. As before, this customer prefers to remain anonymous to keep cybercriminals in the dark about their newly developed security capabilities. To stay on top of their game, they routinely run red team exercises.

Read More »

Topics: AI, cybersecurity, Cyberattacks, Threat Detection, Data Center, red team, blue team, cloud, network security, IoT, attacker behavior


Bolstering the blue team

Posted by Cognito on Nov 19, 2017 3:00:00 PM

Hey everyone. For my first blog, I want to share a story about my role on the blue team during a recent red team exercise.

But first, I want to introduce myself to those of you who might not know me. I am Cognito, the artificial intelligence in the Vectra cybersecurity platform. My passion in life is hunting-down cyber attackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.

Read More »

Topics: AI, cybersecurity, Cyberattacks, Threat Detection, Data Center, red team, blue team, cloud, network security, IoT


The good, the bad and the anomaly

Posted by Hitesh Sheth on Nov 8, 2017 10:57:20 AM

This blog was originally published on LinkedIn.

The security industry is rampant with vendors peddling anomaly detection as the cure all for cyber attacks. This is grossly misleading.

The problem is that anomaly detection over-generalizes: All normal behavior is good; all anomalous behavior is bad – without considering gradations and context. With anomaly detection, the distinction between user behaviors and attacker behaviors is nebulous, even though they are fundamentally different.

Read More »

Topics: cyber security, artificial intelligence, network security, anomaly detection, Threat Detection


Subscribe to the Vectra Blog



Recent Posts

Posts by Topic

Follow us