Data Security

Vectra AI Reveals Cybersecurity Blind Spots in PaaS and IaaS Environments with Security Survey

Vectra AI | August 06, 2021

Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.

As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:

64% of DevOps respondents are deploying new workload services weekly or even more frequently
78% of organizations are running AWS across multiple regions (40% in at least three)
71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:

30% of organizations surveyed have no formal sign-off before pushing to production
40% of respondents say they do not have a DevSecOps workflow
71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.

Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.  

"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."

Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.

To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report or read our companion blog.

About Vectra

Vectra is the leader in threat detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using AI to enrich network metadata it collects and stores with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers four applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed. And Cognito Detect for Office 365 and Azure AD™ finds and stops attacks in enterprise SaaS applications and the Microsoft 365 ecosystem.

Spotlight

More than 90% of the threats that reach user inboxes, including BEC, rely on email impersonation. They pass through email security gateways and use social engineering to compromise their targets. In this report, we examine campaigns, tactics, and infrastructure used in recent BEC and email impersonation attacks so that organizat

Spotlight

More than 90% of the threats that reach user inboxes, including BEC, rely on email impersonation. They pass through email security gateways and use social engineering to compromise their targets. In this report, we examine campaigns, tactics, and infrastructure used in recent BEC and email impersonation attacks so that organizat

Related News

Data Security, Software Security, Cloud Security

Lookout Introduces Gen AI Assistant ‘Lookout SAIL’ to Transform Cybersecurity Operations

Business Wire | August 11, 2023

Lookout, Inc., the endpoint-to-cloud security company, today announced the launch of Lookout SAIL, the Company’s new generative artificial intelligence (gen AI) assistant that will reshape the way cybersecurity professionals interact with Lookout Mobile Endpoint Security and Lookout Cloud Security solutions and conduct cybersecurity analysis and data protection. In the rapidly evolving landscape of cybersecurity, companies are engaged in an ongoing battle against cyber criminals who are constantly innovating new tactics. As cyber threats become increasingly sophisticated, every organization faces challenges such as a growing skills gap and resource constraints that hinder the operational efficiency of cyber defenders. Lookout SAIL’s functionalities focus on security education, platform navigation and security telemetry analysis. This gen AI assistant serves as a valuable companion, offering insights and assistance to users, ultimately streamlining tasks such as administration, policy creation, incident response and threat hunting. Lookout SAIL allows people to interact naturally with the Lookout platform instead of having to learn from a user manual or guide. Through its integration into Lookout's existing user experience, Lookout SAIL also enhances workflow and accelerates user interactions, leading to increased productivity and effectiveness. Lookout SAIL capabilities include: Platform navigation and operational efficiency: Speeds up onboarding to the Lookout platform, guiding new users through relevant platform features and answering onboarding questions within the chat feature. Users can easily “sail” around the platform to obtain answers, visualize results, and perform desired actions. Example: “Help me add a new admin to the system.” Security status: Allows users to ask questions about specific tenants and investigate their organization’s security posture. Example: “Find high and medium-risk iOS devices that have anti-phishing features enabled.” Security education: Equips users with up-to-date industry knowledge on basic and emerging topics. Example: “What is the difference between Secure DNS and On-Device VPN?” “Lookout SAIL is a force multiplier for cyber defenders. It allows people to interact naturally with the Lookout platform instead of having to learn from a user manual or guide. It’s the start of a journey that fundamentally transforms how people interact with systems and information, touching everything from onboarding to training, as well as cybersecurity tasks like administration, policy creation, incident response, and threat hunting,” said Aaron Cockerill, Chief Strategy Officer, Lookout. “Think of Lookout SAIL as a helpful companion, providing useful information to the user and taking them directly where they need to be, even performing actions for the user on demand.” Lookout has a storied history with AI and machine learning. Since its founding 15 years ago, Lookout has treated mobile cybersecurity and anti-phishing as a Big Data problem — and one that requires machine learning to solve. The Company also applied the same strategy to security against insider threats and account takeovers, pioneering the use of machine learning to monitor user behavior to prevent data leakage and exfiltration. The Company now has the world’s largest mobile security dataset. Lookout platform analyzes telemetry from 215 million Android and iOS devices, 269 million apps from app stores worldwide and hundreds of millions of web destinations to uncover hundreds of phishing sites every day. This enables Lookout customers the ability to detect and respond to security threats in real-time on mobile endpoints and in the cloud. About Lookout Lookout, Inc. is the endpoint-to-cloud security company purpose-built for the intersection of enterprise and personal data. We safeguard data across devices, apps, networks and clouds through our unified, cloud-native security platform — a solution that's as fluid and flexible as the modern digital world. By giving organizations and individuals greater control over their data, we enable them to unleash its value and thrive. Lookout is trusted by enterprises of all sizes, government agencies and millions of consumers to protect sensitive data, enabling them to live, work and connect — freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.

Read More

Enterprise Security

OpenAI Announces ChatGPT Enterprise for Business Needs

OpenAI | September 07, 2023

OpenAI unveils ChatGPT Enterprise, which provides businesses with enterprise-grade advanced capabilities. ChatGPT Enterprise offers a brand-new administrator portal with tools to manage how employees utilize ChatGPT within an organization. The launch of ChatGPT Enterprise coincides with intensifying competition in the chatbot domain with companies such as OpenAI, Google, Microsoft, and Anthropic. According to OpenAI, artificial intelligence can enhance numerous aspects of professional lives and increase team creativity and productivity. This represents an important milestone in the development of an AI assistant for the workplace that can help with any task, which is tailored to business needs and protects sensitive information. OpenAI, an industry-leading AI research and deployment organization that conducts research and implements machine learning (ML), announced the introduction of ChatGPT Enterprise. The latest product offers enterprise-grade protection and privacy, extended context windows for processing longer inputs, limitless higher-speed GPT-4 access, customization possibilities, additional data analysis capabilities, and much more. ChatGPT Enterprise introduces an all-new admin portal equipped with essential tools for managing and controlling ChatGPT's usage within a company. These tools include domain verification integrations, single sign-on integrations, and a user-friendly dashboard packed with usage statistics. Employees can leverage ChatGPT to streamline internal processes and construct internal workflow through easily shareable discussion templates. Additionally, businesses have the option to tailor ChatGPT-powered solutions to their specific needs by utilizing credits on OpenAI's API platform. OpenAI’s latest product grants users unrestricted access to an advanced data analysis feature previously known as Code Interpreter. This capability empowers ChatGPT to proficiently analyze data, solve mathematical problems, create charts, and perform a range of other tasks. Both ChatGPT Plus and ChatGPT Enterprise operate on the powerful GPT-4, OpenAI's cutting-edge AI model. However, ChatGPT Enterprise customers enjoy priority access to GPT-4, which boasts twice the speed of the standard GPT-4 model and an expanded context window that accommodates up to 32,000 tokens, equivalent to approximately 25,000 words. The introduction of ChatGPT Enterprise overlaps with intensifying competition in the chatbot sector. OpenAI, Google, Microsoft, and Anthropic are engaged in an intense AI arms competition. In addition to releasing new chatbot applications, their objective is to introduce innovative features that encourage the widespread adoption of generative AI in daily operations. Google and Microsoft, for example, are continuously refining their respective Bard and Bing chatbots with innovative features such as visual search. In the meantime, Anthropic, an AI startup founded by former OpenAI executives, has made a splash with its AI chatbot, Claude 2.

Read More

Data Security, Cloud Security

Concentric AI Announces Multi-Lingual Support to Address Growing Global Demand for its Leading Data Security Posture Management Solution

Business Wire | August 24, 2023

Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management (DSPM), today announced support for data in German, Spanish, Italian, French, and Dutch languages, enabling it to meet rapidly growing global demand for its leading DSPM solution. As a result, today’s update to Concentric AI’s Semantic Intelligence™ DSPM solution enables multinational customers to discovery, classify, categorize, and secure their data in these newly supported languages. It also accelerates Concentric AI’s international expansion by addressing the data security needs of new customers that have a significant amount of private data in these languages. “We have seen a significant amount of interest from international customers, and with today’s announcement we are bringing our groundbreaking AI-enabled DSPM solution to more customers and countries,” said Karthik Krishnan, Founder and CEO, Concentric AI. “The way Concentric AI understands the content and context of data using Large Language Models (LLMs) differentiates us from competitors in the Data Access Governance and DSPM space. These new advancements will fuel our expansion into new markets as well as expand support for non-English data for our existing multinational customers.” Concentric AI’s Semantic Intelligence solution is enabled by LLMs that understand clients’ data to enable the industry’s most accurate data classification and DSPM solution. Now the LLMs developed by Concentric AI can read and understand the context of files, documents, and data in these new languages to provide the most accurate data discovery and classification solution to unmet needs in new markets. “This update is also important for our partners because many of their customers are either internationally based or they have customers who have data in multiple languages,” added Krishnan. “It also enables us to grow our partner ecosystem in these important new markets.” Concentric AI’s DSPM solution scans organizations’ data, detects sensitive or business critical content, identifies the most appropriate classification category, and automatically tags the data. Concentric AI uses artificial intelligence (AI) to improve discovery and classification accuracy and efficiency to avoid endless regex rules and inaccurate end user labeling. In addition, Concentric AI can monitor and autonomously identify risk to financial and other data from inappropriate permissioning, wrong entitlements, risky sharing, and unauthorized access. It can automatically remediate permissions and sharing issues or leverage other security solutions and cloud APIs to quickly and continuously protect exposed data. Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed. About Concentric AI With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial data, PII/PCI content, customer data, business confidential content and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management (DSPM) solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Read More