In the modern digital landscape, where technologies evolve at an incredible pace, new business opportunities emerge alongside unprecedented cyber threats. Vectra AI, a leader in AI-driven cyber threat detection and response, has announced a significant expansion of its Vectra AI platform, aimed at protecting against new types of attacks related to the rapid adoption of generative artificial intelligence (GenAI) tools.
The patented Attack Signal Intelligence™ technology of the Vectra AI platform uses advanced behavioral artificial intelligence to defend against cybercriminals who misuse GenAI. This empowers Security Operations Center (SOC) teams to counter GenAI-driven attacks with the power of artificial intelligence.
Rapid GenAI development creates new cyber threats
The increasing use of GenAI tools, such as Microsoft Copilot, significantly enhances employee productivity and automates routine processes. However, this technological advantage has a downside: it creates entirely new attack surfaces and vectors for adversaries.
The Large Language Models (LLMs) that power these tools often gain access to vast amounts of sensitive corporate data, including intellectual property, financial information, and customer personal data. Thus, adversaries can use GenAI to:
- Accelerate reconnaissance: Automated collection of information about targets, vulnerability scanning, and employee profiling.
- Create convincing phishing and social engineering: GenAI can generate high-quality, personalized emails, messages, and even voice calls that are difficult to distinguish from genuine ones, significantly increasing the success rate of attacks.
- Develop and adapt malware: Adversaries can use GenAI to quickly generate variants of malicious code, bypass detection systems, and create more analysis-resistant programs.
- Automate lateral movement: After initial penetration, GenAI can help adversaries automate the process of moving laterally across the network, searching for valuable data, and escalating privileges.
Thus, GenAI is becoming a double-edged sword: a powerful tool for productivity and a dangerous weapon in the hands of cybercriminals. This creates an urgent need for innovative defense mechanisms that can counter AI-driven attacks with the same speed and intelligence.
Vectra AI counters GenAI with AI
“For over a decade, Vectra AI has been a leader in using AI to combat advanced and emerging threats. Our mission is to provide the most accurate attack signals with maximum speed and scale, enabling us to detect attacks that other solutions cannot find,” said Hitesh Sheth, founder and CEO of Vectra AI. “As more enterprises adopt GenAI tools to enhance employee productivity, SOC teams face a new attack surface that can only be defended with AI. Our new AI-driven GenAI attack detection methods empower SOC teams to counter adversary AI, operating at the same speed and scale.”
The Vectra AI platform detects attacks based on Microsoft Copilot misuse
SOC defenders must use AI to combat AI-driven attacks. The Vectra AI platform uses advanced AI and machine learning (ML) technologies to detect threats across network, identity, cloud, and SaaS environments and, most importantly, GenAI-driven attacks. Attack Signal Intelligence™ automatically triages, correlates, and prioritizes threats with maximum accuracy, allowing SOC defenders to isolate and contain real attacks in minutes.
With the addition of GenAI detection capabilities, the Vectra AI platform enables SOC teams to see and stop new attack methods that leverage GenAI tools. For example, according to research, more than 40% of Vectra AI identity customers have already started using Microsoft Copilot for M365 in their enterprises, creating new potential attack vectors.
Now, the Vectra AI platform detects adversaries who compromise an account and misuse Microsoft Copilot for M365 to carry out attacks and gain unauthorized access to sensitive applications and data within minutes. This includes detecting scenarios such as:
- Unauthorized access to sensitive data via Copilot: For example, an attacker, having gained access to a user account, can use Copilot to quickly search for and extract secret documents or customer databases, which previously would have required manual searching and significantly more time.
- Using Copilot for privilege escalation: Attempts by adversaries to manipulate requests to Copilot to gain access to resources that should not be available at the current privilege level.
- “Jailbreak” attacks on LLMs: Attempts to bypass built-in security limitations in Copilot to force the model to perform malicious actions or reveal sensitive information it should not disclose.
To achieve this, the Vectra AI platform offers enhanced capabilities:
- Detection of Microsoft Copilot abuse, including suspicious access, data discovery, and “jailbreak” attack techniques. This allows the identification of atypical behavior indicating compromise or attempts to bypass GenAI tool protection.
- Correlation and attribution of GenAI detections with identifiers in Microsoft Entra ID, Microsoft 365, AWS, and Active Directory. This provides full attack context, linking it to specific users and resources.
- Prioritization of GenAI Microsoft Copilot detections together with detections in network (Vectra NDR), identity (Vectra ITDR), and cloud (Vectra CDR). This allows SOC teams to focus on the most critical incidents that pose the highest risk to the organization.
- Integration of metadata from network, identity, cloud, and GenAI attack surfaces for instant and in-depth investigation. All necessary data is available in a single console, accelerating analysis.
- Native, automated, and managed response actions to block hosts and accounts involved in the attack. Rapid response is key to minimizing damage.
“More than 40% of Vectra AI identity customers have started using Microsoft Copilot for M365 in their enterprises,” said Jeff Reed, Chief Product Officer at Vectra AI. “This new expansion of the Vectra AI platform helps SOC defenders protect identities and stop adversaries who are misusing GenAI tools.”
Benefits of the Vectra AI Platform for Protection Against GenAI-Driven Attacks
The Vectra AI platform offers a number of key advantages that make it an indispensable tool for protecting against new GenAI-driven attacks:
- Detection accuracy: Vectra AI's behavioral AI technology ensures extremely high accuracy in detecting GenAI-driven attacks, significantly reducing false positives. This saves analyst time and allows them to focus on real threats.
- Detection speed: The Vectra AI platform can quickly detect GenAI-driven attacks in real time, enabling SOC teams to respond faster and minimize potential damage. According to IBM Security research, the average time to detect and contain a data breach is 204 days, highlighting the critical importance of rapid response.
- Visibility: The Vectra AI platform provides a unified, integrated view of network, identity, cloud, and GenAI attack surfaces. This gives SOC teams full visibility into the entire attack, allowing them to understand its scope and vector.
- Ease of use: The Vectra AI platform is designed with an emphasis on ease of use and configuration, allowing SOC teams to quickly deploy and effectively use it without significant training time.
Vectra AI – a Valuable Asset for Cybersecurity in Ukraine via NWU
In the context of growing cyber threats, including complex GenAI-driven attacks, the availability of advanced cybersecurity solutions is critically important for Ukrainian organizations.
Vectra AI is a powerful solution that can help organizations protect themselves from the latest and most dangerous GenAI-driven attacks. With its ability to accurately and quickly detect GenAI-driven attacks, as well as provide comprehensive visibility and ease of use, the Vectra AI platform is a valuable addition to any cybersecurity program.
Thanks to NWU, the official distributor of Vectra AI in Ukraine, Ukrainian IT companies can now buy NDR (Network Detection and Response), an integral part of the SOC triad (SIEM, EDR, NDR), from a global leader. This allows Ukrainian enterprises to use the most advanced technologies to protect their critical assets and ensure cyber resilience.
Protect your business from new generations of cyber threats. Want to buy NDR for SOC or order a test of the Vectra AI solution in Ukraine? Contact NWU today to learn more about how Vectra AI can strengthen your cybersecurity.