Vectra AI is growing its artificial intelligence (AI) platform to combat generative AI attacks by introducing new threat detection and response capabilities to protect against attacks that target Microsoft Copilot for M365.
“Over 40% of Vectra AI’s identity customers have begun to adopt Microsoft Copilot for M365 in their enterprise,” said Jeff Reed, chief product officer of Vectra AI. “This new expansion of the Vectra AI Platform helps SOC defenders protect identities and stop attackers abusing GenAI tools.”
Vectra says generative AI tools like Microsoft Copilot aim to increase employee efficiency and productivity. However, they also create new attack surfaces as the large language models that power these tools are given access to proprietary corporate data. So, while GenAI tools increase the speed at which employees and organisations can operate, they also afford adversaries the same luxury.
The Vectra AI Platform now detects attackers that compromise an identity and abuse Microsoft Copilot for M365. To achieve this, the Vectra AI Platform delivers:
- GenAI detection coverage for Microsoft Copilot abuse, including suspicious access, data discovery and jailbreak attack techniques;
- Correlation and attribution of GenAI detections with identities across Microsoft Entra ID, Microsoft 365, AWS, and Active Directory;
- Prioritisation of Microsoft Copilot GenAI detections with detections across the network (Vectra NDR), Identity (Vectra ITDR), and cloud (Vectra CDR);
- Integration of metadata across network, identity, cloud, and GenAI attack surfaces for Instant and Advanced Investigations; and
- Native, automated, and managed response actions to lock down hosts and accounts involved in the attack.
