ED&F Man transforms threat detection and investigation with the Cognito platform from Vectra
November 2019 by Patrick LEBRETON
Commodities trader finds the sweet spot to expose hidden attackers, spot privilege misuse and perform conclusive incident investigations
Vectra, the leader in network detection and response, today announced that ED&F Man selected the Cognito network detection and response platform from Vectra to expose attackers hidden inside its network, spot privilege misuse and perform conclusive incident investigations. A $10 billion company, ED&F Man trades sugar, coffee, molasses, and animal feed and helps customers and suppliers hedge commodity pricing risk.
When a non-data loss security incident served as a wake-up call to the ferocity of today’s cyberattacks, ED&F Man undertook a complete security transformation. It created a security operations center (SOC) triad to gain broad visibility into threat history and significantly reduce the chance that attackers could operate on its network long enough to accomplish their goals. The SOC visibility triad consists of integrated network detection and response, endpoint detection and response, and security information and event management (SIEM) systems.
The Cognito platform collects and stores the right network metadata and enriches it with unique security insights. A cornerstone of the Cognito platform, Cognito Detect uses that security-enriched metadata and sophisticated machine learning techniques to detect and prioritise attacks in real time. ED&F also uses Cognito Recall for AI-assisted threat hunting.
With privileged accounts a common entry point for cyberattackers, ED&F Man uses the Cognito suite of Privileged Access Analytics (PAA) detection models to monitor the interactions between user accounts, services and hosts.