Dubai, United Arab Emirates – Looking to stay one step ahead of attackers, the GCC’s leading premium aluminium producer has deployed technology from Vectra to detect real attacks and their progression throughout the cyber kill chain, so they can rapidly investigate and stop an attack from becoming a breach. This proactive approach, coupled with a significant reduction in false positives, means one security analyst can now manage the entire SOC operations for the company.

“When it comes to protecting against attacks, the key challenge we faced was visibility — silos and isolated networks exist across the environment, and it was difficult to control it completely,” commented a spokesperson from the aluminium producer. “We also struggled with alert fatigue — we used to have a SIEM and antivirus solutions and we would get a lot of alerts, which meant our SOC analysts had to manually analyze and prioritize the alerts. And finally, our security solutions, be it the SOAR and EDR solutions, firewalls or IPSs, are all reactive which meant that by the time we received a trigger, it was already too late and the attacker was in our network.”

The Vectra platform, underpinned by the company’s ground-breaking Attack Signal Intelligence technology, has allowed the aluminium producer’s security team to move from a reactive to a more proactive approach to cybersecurity and pick up on threats before they have had a chance to materialize into something malicious. Contrast to approaches that leverage AI for anomaly detection and require human tuning and maintenance, Vectra Attack Signal Intelligence continuously and automatically monitors for attacker methods with a set of Security AI models programmed with an understanding of attacker TTPs. The results run through another layer of AI which combines an understanding of the organization’s environment with threat models and human threat intelligence, to automatically surface and prioritize threats based on severity and impact.

“The biggest advantage of the Vectra solution is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well,” added the spokesperson at the aluminium producer.

The result is that the aluminium producer is able to identify up to 90% of threats in the very initial stages, while reducing the number of false positives to just 1%. As a consequence, just one security analyst is now able to manage the entire SOC operations.

“Today, security teams are over-stretched and suffer burnout. They are stuck in a vicious cycle of having to manually maintain detection rules, triage alerts, and figure out what alerts to prioritize. Compounding these challenges is the fact that today, the biggest threats facing organizations in the region is the unknown compromise. These are precisely the challenges that the aluminium producer was facing and why they selected Vectra to underpin their SOC,” commented Taj El-Khayat, Managing Director for EMEA South at Vectra AI. “I am confident that with Vectra, the company’s security professionals will no longer have to worry about detecting and prioritizing threats and can instead devote their time to doing what they do best — investigating and responding to real attacks.”

-Ends-

About Vectra

Vectra® is a leader in threat detection and response for hybrid and multi-cloud enterprises. The Vectra platform uses AI to detect threats at speed across public cloud, identity, SaaS applications, and data centers. Only Vectra optimizes AI to detect attacker methods—the TTPs at the heart of all attacks—rather than simplistically alerting on "different". The resulting high-fidelity threat signal and clear context enables security teams to respond to threats sooner and to stop attacks in progress faster. Organisations worldwide rely on Vectra for cybersecurity resilience in the face of dangerous cyber threats and to prevent ransomware, supply chain compromise, identity takeovers, and other cyberattacks from impacting their businesses. For more information, visit vectra.ai. 

Media contact
Vernon Saldanha
Procre8 (on behalf of Vectra AI)
vernon@procre8.biz