Vectra AI is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra AI platform and MDR services provide attack coverage across public cloud, SaaS, identity and network infrastructure. Unlike traditional threat detection approaches that simply alert on what is “different”, Vectra AI’s Attack Signal Intelligence detects and correlates attacker behaviors - the TTPs at the heart of all attacks. The resulting alert signal clarity enables security operations teams to rapidly prioritize, investigate and respond to the most urgent cyber-attacks and stop them from becoming breaches. Organizations worldwide rely on the Vectra platform and MDR services to get ahead and stay ahead of attackers. For more information, visit www.vectra.ai.
Vectra is a great tool for network flow monitoring. We have been using it for the last 6 years. What I noticed is that Vectra is not good in case any system is impacted by a keylogger, I believe?
tldr; gpt to phish people better, access your account eg gpt, claude, copilot, ask/make the model what info it knows about you. solution; don't assume any email is real.
Not sure if someone can clarify, but in ATT&CK we have mitigations (not detailed as I see them) but the counter-measures in D3FEND are more detailed from the defend point of view. Is this correct?
This is a supported configuration as discussed in the following Vectra Knowledgebase Article: support.vectra.ai/s/article/KB-VS-1090. The relevant section states: The input to an AWS Sensor can be Amazon VPC traffic mirroring set up on an Amazon elastic network interface or from a VXLAN-based 3rd party packet brokers. For further information on this, please review the AWS Deployment Guide pdf attached to this article.
Thank you for your feedback! We are glad you found our video of interest. Here is an interesting article about the MITRE D3FEND framework as well: www.vectra.ai/blogpost/mitre-d3fend-framework
Thank you, Ram, for your comment. We are glad you found our webinar of interest! Feel free to subscribe to our channel; we are producing more content, coming soon!
There are many frameworks that exist that would allow someone to get access to your Windows machine. If Microsoft has fixed most vulnerabilities, there are still potential opportunities to hack machines. If you are interested, you can have a look at PRET - Printer Exploitation Toolkit. This tool allows you to gain control of the printer and the clients connecting to it.
Me, as an Indian, am thinking: how can I do these exact things for the customers for a cheaper price, better than this company? The first problem an Indian company would face is not a pool of skilled data scientists and machine learning professionals to build algorithms, but data to check the authenticity of the algorithms. This guy has not named the clients his company is dealing with.
This is by far the best talk on Machine Learning for Security that I have EVER seen. Good job at making something short and sweet that I am going to be recommending to customers. Damn good job!
Hear, hear! Also oh my god it is THE Joe McCray, man your vids practically taught me SQL Injection man! Thanks for your work & community. If I ever see you at a con, a rum and coke on me is waiting for you!
Your video did not show what happened when the dialog box displayed. Are you assuming the user clicks the OK button to infect, or would clicking on the red X to close the dialog do the same thing? How can this vulnerability be tested? I assume such vulnerabilities are handled by most firewall software out there; would that be safe to say?
At minute 4:40, you see an example of an interaction from a user perspective. No matter what you select (OK or the Red Cross) you would end up being infected. What is interesting with this exploit is that the user does not have to interact to be hacked. As soon as you try to connect to the printer, the Windows machine is owned, no matter what the user answers.