One of the world’s leading consumer packaged goods (CPG) companies thrives on being a cloud-first enterprise while running a huge amount of activity through Amazon Web Services (AWS).
Challenge
Needed a tool that could protect the volume of activity in its critical AWS infrastructure.
Results
Despite having preventive and compliance measures in place for cloud security, the leading consumer packaged goods (CPG) company struggled with post-exploitation coverage and was unable to build effective rules in-house to combat threats in its massive AWS infrastructure. Without a comprehensive threat detection system, the company was vulnerable, particularly after an attacker managed to gain access to user credentials.
The company started using the Vectra Detect platform for AWS, which was designed to quickly detect and remediate any threats in the environment. The platform was put to the test early on, successfully detecting suspicious use of stolen credentials in the company's very large cloud infrastructure, which sees nearly half a billion actions each day.
Vectra Detect for AWS flagged the suspicious use of credentials early on in the ocean of daily activity. The SecOps team was able to understand the suspicious activity, connect the dots with Vectra's Kingpin identity attribution technology, and use the Instant Investigations feature to view other activities associated with the credentials. With the help of Vectra, the SecOps team efficiently rotated the accessed secrets and reset ecommerce credentials, shutting down the intrusion before it could inflict serious damage on the organization.
Detect for AWS quickly proved its value, first by gaining coverage in a matter of minutes and then soon after, when the company was infiltrated by a malicious actor in early 2022.
Detect for AWS flagged the suspicious use of credentials early on, out of an ocean of daily activity of nearly half a billion actions each day.