Cybersecurity News that Matters

Cado Security Launches Collection and Analysis Support of SaaS Environments to Expedite Response to Microsoft 365 Compromises

by Business Wire

Mar. 14, 2024
10:17 PM GMT+9

New feature enables organizations to understand scope and impact across SaaS, on-premise, and cloud environments.

LONDON–(BUSINESS WIRE)–Cado Security, provider of the first cloud forensics and incident response platform, today announced that the Cado platform now enables customers to acquire Microsoft 365 Unified Audit Log (UAL) to help investigate and respond to Microsoft 365 compromises such as business email compromise (BEC), account takeover (ATO), and insider threats. With this new feature, security teams can seamlessly analyze UAL logs alongside other critical sources captured across on-prem and cloud environments.


“With Microsoft 365’s rapid adoption and the ever-increasing amount of critical data being stored on its ecosystems, the rate and scale of attacks should not be surprising,” said James Campbell, CEO and Co-Founder of Cado Security. “Overburdened security teams need automated solutions that give them visibility into their organization’s entire environment and enable a proactive response to suspicious activity. Our new collection and analysis support of SaaS environments does just that by providing the much-needed tools to quickly identify, investigate, and respond to threats so organizations can continuously strengthen their security posture and prevent future occurrences.”

Since organizations heavily rely on email for transfer-of-fund requests, BEC is one of the most common and expensive threats to organizations. Attackers employ tactics such as email spoofing and phishing attacks to take over legitimate email accounts and conduct unauthorized money transfers. According to the FBI, BEC cost organizations over $50 billion worldwide between 2013 and 2022.

With Cado’s new feature, customers can automatically import Microsoft 365 Unified Audit Log (UAL) by timeframe, user, IP, or workload so that security teams can rapidly investigate and respond to potential M365 threats and gain a deeper understanding of scope and impact using the Cado Security platform. By investigating UAL events alongside other events, such as forensic artifacts of an affected user’s workstation in a central platform, security teams can rapidly identify the incident’s root cause, whether from a phishing attack or malware infection.

The Cado platform enables organizations to perform rapid incident response with the following key capabilities:

  • Single-Click Data Capture: Cado enables fully automated or single-click evidence collection across cloud, on-premises, and SaaS environments.
  • Parallel Processing: The Cado platform’s patented cloud-native architecture enables hundreds of data formats to be normalized in minutes.
  • Automated Investigations: (i) Cado AI Investigator, powered by Cado’s local LLM, delivers a high-level summary of an incident and automatically analyzes potentially malicious files; (ii) automated timeline and root cause analysis: the Cado platform automatically pulls together an entire timeline of events to accelerate the path to root cause and remediation; and (iii) proprietary and third-party threat intelligence is leveraged to automatically flag malicious and suspicious activity so that security teams can quickly pivot their investigation based on critical events.
  • Single Pane of Glass: Organizations can better understand the impact of threats with complete visibility across their entire ecosystem. Cado can seamlessly analyze SaaS, cloud, container, serverless, and on-premises assets in a single platform.

For more information, visit https://www.cadosecurity.com/cado-introduces-support-of-saas-environments-to-expedite-response-to-microsoft-365-compromises/.

About Cado Security

Cado Security provides the first cloud forensics and incident response platform. By leveraging the scale and speed of the cloud, the Cado platform automates forensic-level data capture and processing across cloud, container, and serverless environments. Only Cado empowers security teams to respond at cloud speed. Backed by Eurazeo, Blossom Capital, and Ten Eleven Ventures, Cado Security has offices in the United States and the United Kingdom. For more information, please visit https://www.cadosecurity.com/ and follow us on Twitter @CadoSecurity.

Contacts

Michelle Yusupov

Hi-Touch PR

443-857-9468

[email protected]
