Vectra Networks has introduced a breakthrough in data centre security that identifies hidden cyber attack behaviours within Amazon Web Services that were previously impossible to detect.
“Cyber attackers like to establish a beachhead in cloud workloads to inflict lasting damage,” said Vectra CTO Oliver Tavakoli. “Hijacking an open server port is the most effective way to install a backdoor in compromised workloads. Our ability to detect the presence of previously unseen backdoors by monitoring traffic within the cloud provides unique protection against this important attacker technique.”
In AWS, Vectra uses artificial intelligence to automatically detect the tell-tale signs of a cyber attack – including command and control, lateral movement, internal reconnaissance, and data exfiltration behaviours – and enables security teams to respond quickly and decisively to stop the progression of any threat. As a result, enterprise organisations can migrate enterprise applications, data and other shared computing resources to Amazon Web Services (AWS), while dramatically reducing the risk of compromise, damage and theft.
“This approach fills a big void in the public cloud and removes security as a roadblock to AWS migration,” said Beau Canada, vice president of information security at Ticketmaster. “Without native SPAN port support in AWS, options were limited for network visibility. Vectra integration with Gigamon delivers attacker behaviour visibility for an integral and growing component of the enterprise within the public cloud. With a solution like this, companies will be able to move everything, including back-office applications, into the cloud.”
To meet the demands of public clouds, the Vectra AWS virtual sensor (vSensor) performance scales to the current 20 Gbps limit of AWS instance types. The Gigamon Visibility Platform on AWS enables organisations to use a standardised approach to gain access to network traffic in an AWS VPC. The Gigamon solution enables users to send traffic from Amazon EC2s to security tools such as Vectra on demand, a capability that was not previously available.
