A leading premium aluminium producer in the GCC has deployed technology from Vectra to detect real attacks and their progression throughout the cyber kill chain, so they can rapidly investigate and stop an attack from becoming a breach.

The result is that the aluminium producer has been able to identify up to 90 per cent of threats in the very initial stages, while reducing the number of false positives to just 1 per cent. This proactive approach, coupled with a significant reduction in false positives, means one security analyst can now manage the entire security operations center (SOC) operations for the company, Vectra, a leader in threat detection and response for hybrid and multi-cloud enterprises, said in a statement.

“When it comes to protecting against attacks, the key challenge we faced was visibility — silos and isolated networks exist across the environment, and it was difficult to control it completely,” commented a spokesperson from the aluminium producer.

“We also struggled with alert fatigue — we used to have a SIEM and antivirus solutions and we would get a lot of alerts, which meant our SOC analysts had to manually analyze and prioritize the alerts. And finally, our security solutions, be it the SOAR and EDR solutions, firewalls or IPSs, are all reactive which meant that by the time we received a trigger, it was already too late and the attacker was in our network,” the spokesperson added.

According to Vectra, the Vectra platform, underpinned by the company’s ground-breaking Attack Signal Intelligence technology, has allowed the aluminium producer’s security team to move from a reactive to a more proactive approach to cybersecurity and pick up on threats before they have had a chance to materialise into something malicious.

Contrast to approaches that leverage AI for anomaly detection and require human tuning and maintenance, Vectra Attack Signal Intelligence continuously and automatically monitors for attacker methods with a set of Security AI models programmed with an understanding of attacker TTPs. The results run through another layer of AI which combines an understanding of the organization’s environment with threat models and human threat intelligence, to automatically surface and prioritize threats based on severity and impact.

“The biggest advantage of the Vectra solution is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well,” added the spokesperson at the aluminium producer.

The result is that the aluminium producer is able to identify up to 90 per cent of threats in the very initial stages, while reducing the number of false positives to just 1 per cent. As a consequence, just one security analyst is now able to manage the entire SOC operations.

“Today, security teams are over-stretched and suffer burnout. They are stuck in a vicious cycle of having to manually maintain detection rules, triage alerts, and figure out what alerts to prioritize.

Compounding these challenges is the fact that today, the biggest threats facing organizations in the region is the unknown compromise. These are precisely the challenges that the aluminium producer was facing and why they selected Vectra to underpin their SOC,” commented Taj El-Khayat, Managing Director for EMEA South at Vectra AI.

“I am confident that with Vectra, the company’s security professionals will no longer have to worry about detecting and prioritizing threats and can instead devote their time to doing what they do best — investigating and responding to real attacks,” he added.

Copyright 2022 Al Hilal Publishing and Marketing Group Provided by SyndiGate Media Inc. (Syndigate.info).