Vectra Protect to discover and mitigate security risks in Microsoft 365

Vectra AI, an AI-driven threat detection and response for hybrid and multi-cloud enterprises, announced the launch of Vectra Protect, a posture management tool designed to discover and mitigate security risks in Microsoft 365 (M365). Vectra Protect combines 50,000+ hours of expert research and development with automation to analyze an organization’s M365 security posture and provide customized implementation plans to remediate risk. To ensure all organizations, regardless of security staffing or resources, can have access to the solution, Vectra is extending a free sign-up for an Azure Active Directory scan until September 30, 2022.

With the accelerated use of M365 collaboration tools, which now have over 270 million users, cyber attackers are actively targeting access management tools like Azure AD to enter other SaaS tools and enterprise network assets. They then establish a foothold to launch ransomware attacks, steal intellectual property and gain unauthorized access to sensitive user data. With its scanning engine, Vectra Protect combines insights from the M365 Graph API with PowerShell module data to provide a truly holistic view into the integrity of every identity in an organization’s M365 environment. As the only scan designed to uncover identity security issues in M365, Vectra Protect provides organizations with:

• Quick, actionable remediation insights: With its multi-stage methodology, the scan provides organizations with actionable results within hours. Rather than hindering the security team with more alerts, the scan creates a comprehensive risk mitigation map that provides a path to implementation with clear guidance on risk and operational impact.
• Tailored cloud support: Organizations can gain insight into the severity of vulnerabilities, material changes to their configuration state, the operational impact of the required solution, and the steps for remediation aligned to their applicable industry standards and regulatory requirements.
• Configuration correction and compliance: Vectra Protect delves deep into the configuration complexities of M365, highlighting misconfigurations with clear context to guide companies to complete risk resolution and provide security teams with the proof they need to show their policies are effective and compliant.
• Confidence in collaboration: By understanding areas where risks and configuration issues persist, organizations can fulfill the promises of cloud technology without creating unmanaged risk. Organizations can gain efficiencies in implementing and using SaaS tools like M365 by eliminating default settings and aligning operations, information technology, security, and audit teams on security priorities.

“Azure AD has become a large attack vector as cybercriminals look to exploit the lack of security controls and solutions currently available for the tool,” said Aaron Turner, CTO of SaaS Protect at Vectra AI. “Organizations must understand that Microsoft’s default security settings are not specifically tailored to their business operations or industry, which introduces waves of unnecessary risk. Combining this with the constant changes in M365, both internally and externally, leaves a host of potential vulnerabilities and configuration issues that organizations are responsible for correcting. Vectra Protect helps unravel this complexity to deliver the visibility and assurance organizations need to protect these essential business tools.”