Latest news with #UEBA
Techday NZ
21-05-2025
- Business
- Techday NZ
Exabeam partners with Vectra AI to boost cloud threat defence
Exabeam has announced a partnership with Vectra AI to integrate the Exabeam New-Scale Security Operations Platform with the Vectra AI Platform. The collaboration aims to address the challenges faced by security teams in identifying advanced threats, particularly those that move laterally across cloud environments. Many existing solutions, originally developed for on-premises systems, struggle to detect these attacks, resulting in delayed responses and increased manual workloads for analysts. The integration combines Exabeam's SIEM, user and entity behaviour analytics (UEBA), and automated workflows with Vectra AI's network detection and response (NDR) capability. According to Exabeam, this unified solution will centralise visibility, accelerate threat detection, and streamline investigation processes across cloud-based environments. Vectra AI's platform provides visibility into lateral threat movement by monitoring activity both east-west and north-south across a variety of network architectures, including data centres, campus facilities, remote workspaces, cloud, and operational technology (OT) environments. By incorporating Vectra AI's analytics into the Exabeam infrastructure, the two companies aim to give security teams improved detection and response capabilities. Steve Wilson, Chief AI and Product Officer at Exabeam, said, "Teaming up with Vectra AI, isn't just a partnership, it's a power move. We need to shift the balance in cybersecurity, putting defenders back in control. With their cloud threat intel and our AI-driven platform, we're exposing the threats others miss and flipping the script on what modern threat detection looks like." The integration is designed to provide a number of practical benefits. Accelerated threat detection is achieved by consolidating security data from various sources and automating processes throughout the security operations centre (SOC) stack. This allows analysts to identify and respond to incidents faster and with greater accuracy. Enhanced visibility is another feature, with the combined platform able to detect network-based risks throughout cloud infrastructures by leveraging behavioural analytics. This helps security teams spot lateral movement, insider threats, and post-compromise activities that traditional tools might overlook. Streamlined operations are facilitated by out-of-the-box integration features. These include prebuilt mappings, a preconfigured Vectra AI dashboard tile, and webhook collectors, all of which are intended to speed up deployment and reduce ongoing operational complexity for SOC teams. Jeff Reed, Chief Product Officer at Vectra AI, said, "Security teams today need visibility to stay ahead of advanced threats, especially as attacks become more complex and move across hybrid and cloud environments. By integrating Vectra AI's advanced NDR with Exabeam's powerful SIEM and automation capabilities, we're empowering teams with a unified, intelligent platform to quickly identify, investigate, and stop threats before they escalate. This partnership is a major step forward in modernising security operations for the AI-driven threat landscape." The partnership is built on the understanding that today's threat landscape is increasingly shaped by cloud adoption and remote work, where attack vectors are more diverse and attacks often bypass traditional network boundaries. By providing centralised and integrated defence tools, Exabeam and Vectra AI aim to help organisations keep pace with these developments and reduce the burden on security staff. Analysts using the integrated platform are expected to benefit from simplified incident investigations, less manual effort, and improved overall security outcomes. The new solution is positioned as addressing a market demand for unified threat detection and response that adapts to both legacy systems and modern, cloud-native environments.
Techday NZ
14-05-2025
- Business
- Techday NZ
How businesses are fighting sophisticated cyber threats with AI
In an era where artificial intelligence (AI) is redefining the corporate landscape, its darker side is also beginning to take shape - and it's hitting Australian and New Zealand organisations where it hurts most: cybersecurity. Ransomware attacks, already a formidable threat to businesses, are being supercharged by AI. Threat actors are leveraging the technology not just to improve existing methods but to innovate entirely new tactics. The result is a new class of cyberattacks—faster, more convincing, and increasingly difficult to detect. An escalating threat AI is accelerating the capabilities of ransomware operators. While the core mechanics of a ransomware attack remain largely unchanged (encrypting data and demanding payment) AI enhances each phase of the attack lifecycle. According to cybersecurity experts, the most alarming consequence is the lowered barrier to entry for cybercriminals. Anyone with access to the right AI tools can now generate malware, craft convincing phishing emails, or exploit known vulnerabilities. They no longer need deep technical knowledge. AI-generated phishing emails and deepfake voice scams are becoming alarmingly realistic. Attackers can automate these campaigns at scale, fooling even vigilant employees. Traditional safeguards, such as spam filters and antivirus programs, are no match for the adaptive and evolving nature of these AI-enhanced threats. The speed of attack is also increasing. AI algorithms can scan networks, identify vulnerabilities, and develop targeted exploits in a fraction of the time it would take a human operator. As a result, businesses have a shrinking window to detect and patch weaknesses before they are exploited. A tipping point for cybersecurity The emergence of AI-driven attacks is pushing many organisations to rethink their entire approach to cybersecurity. Signature-based detection systems, long a staple in enterprise environments, are proving inadequate against threats that constantly shift form. The reality is that these attacks are becoming too intelligent for reactive systems. If an organisation is relying on known signatures or pre-defined rules, it will always be a step behind. This urgency is driving a growing shift toward analytics-driven security strategies - particularly User and Entity Behaviour Analytics (UEBA). This AI-powered approach focuses not on identifying known threats, but on recognising unusual patterns in user and system behaviour. Using AI to fight AI UEBA is emerging as a vital tool in the defence arsenal. It leverages machine learning, behavioural analytics, and data science to detect anomalies that could indicate malicious activity, even when that activity doesn't match any known threat profile. One of UEBA's key strengths lies in its ability to proactively hunt for threats. It scans for patterns that deviate from the norm, such as an employee logging in from an unusual location or accessing systems at odd hours. By doing so, it offers early warnings of potential breaches and speeds up investigation times for security teams. Automation is another powerful component of UEBA. The technology not only identifies threats but can also initiate pre-defined response actions automatically. Combined with orchestration tools, this reduces the burden on Security Operations Centres (SOCs) and allows for a faster, more coordinated response. Accuracy is also improving. Unlike legacy systems that generate a high number of false positives, UEBA tools assign risk scores to anomalies, allowing teams to focus on high-probability threats. Over time, the system becomes more precise, adapting to an organisation's unique behavioural baseline. A strategic imperative The growing complexity of ransomware and phishing attacks is making cybersecurity not just a technical concern, but a strategic business priority. For sectors like finance, healthcare, and critical infrastructure - where data breaches can have regulatory, reputational, and financial consequences - the stakes are particularly high. Many Australian and New Zealand firms are already investing heavily in AI-based defence technologies. But experts warn that implementation alone isn't enough. A comprehensive, security-first culture is essential and should include employee education, executive oversight, and alignment with broader risk management strategies. As the arms race between cybercriminals and defenders escalates, organisations must recognise that artificial intelligence is not just a threat - it's also the best line of defence. By deploying AI to combat AI, businesses can take a proactive stance in an increasingly hostile digital environment. The security landscape has changed. It's no longer a case of just defending against people behind keyboards. It's also about defending against intelligent systems. To win, organisations need smarter defences, powered by AI, informed by data, and driven by strategy.
