Case Study: GMMH NHS Foundation Trust stops credential‑abuse attacks and gains proactive Office 365 visibility with Vectra AI Inc.'s Cognito for Office 365

GMMH NHS Foundation Trust stops attacks with Cognito for Office 365

Greater Manchester Mental Health NHS Foundation Trust (GMMH) is an NHS trust in North West England with about 5,400 staff, 140+ locations and care for roughly 53,000 patients a year. The trust struggled with limited visibility into malicious behavior across its network and Office 365 environment—making credential abuse and hidden attacker activity hard to detect despite existing antivirus, SIEM and firewall investments.

GMMH deployed Vectra’s Cognito for Office 365 to ingest Office 365, Azure AD, SharePoint, OneDrive and Exchange activity and apply AI-driven detection that correlates behavior to accounts and prioritizes alerts. The quick, intuitive rollout delivered immediate results: full-network visibility, faster same-day detection and response (including identifying an unauthorized device), improved ability to stop credential abuse, and more time to focus on end-user security awareness.

GMMH NHS Foundation Trust

Kevin Orritt

ICT Security Manager