Vectra gets five patents for AI cyber security analytics

Vectra Networks said it was issued five US patents for “advanced cyber security analytics capabilities automated by artificial intelligence (AI).”

“The Vectra patented technology helps address critical issues in today’s fight against cyber attackers,” said Vectra.

“Between the severe shortage of knowledgeable talent and the immense increase in cyber threats, shorthanded security teams are bombarded with endless, disparate alerts that take hours to investigate and prevent a rapid determination of severity or root cause.

“Vectra combines a number of patented machine learning (ML) and AI techniques to identify individual attacker behavior and to judge the severity of combinations of such behaviors.”

Vectra Networks said one of the most difficult attacker behaviors to detect is malware that “phones home” to the attacker and enables him to take manual control over a compromised host.

Security analysts have coined the term RAT (Remote Access Trojan) to describe malware that enables this functionality.

Vectra said it has been granted a patent for “using innovative machine learning techniques to detect such behavior regardless of the malicious or benign software used to establish manual remote control of an internal host.”

Vectra said another of the granted patents “takes an innovative approach to correlating all attacker behaviors observed on a particular asset in an organization’s network and assigning threat and certainty scores to the observed timeline of attacker behaviors.”

Vectra chief technology officer Oliver Tavakoli said: “Timely detection of advanced attacks is key to neutralizing them before they do an organization substantial harm.

“Using ML and AI to find the individual steps of advanced attacks, correlating them on a machine across time and prioritizing the resulting narratives is key to making events actionable for security analysts.

“Finding the sometimes-tenuous connections across multiple machines which are part of a single attack campaign is the next AI frontier for reducing analysts’ alert fatigue and turning the tables on the attackers.”