Lastline, Inc., the advanced network-based malware protection solutions provider, has introduced Lastline Breach Defender, a solution that provides a dynamic blueprint of a breach as it unfolds and moves laterally across a network.
Informed by a deep understanding of malware behaviours, Lastline Breach Defender provides the visibility, context, threat intelligence, and integration enterprise security teams need to remediate breaches faster, with fewer resources, and at lower cost.
"When malware strikes, it is imperative that security teams see and understand all the malicious activity taking place across a compromised network," said Christopher Kruegel, Lastline CEO. "Lastline Breach Defender provides this information, accelerating the team's ability to respond to a breach before data exfiltration can occur by identifying all the applications, systems, and data affected by the malware."
Features of Lastline Breach Defender include:
Collection & Augmentation
- Malware Detection: Lastline Deep Content Inspection™ detects attacks that evade sandboxes, firewalls, and other "next-gen" tools by uncovering malicious behavior engineered into a piece of malware with unique fidelity not possible with other technologies.
- Network Analysis: Monitors events and network activity, including low-level events and seemingly benign activity, to uncover all malicious network activity.
- Global Threat Intelligence: Provides context by linking activity within a network with global information about threats previously detected by Lastline's global customer base.
- Integrations: Proven integration with third-party security products further inform breach analysis and improve effectiveness of existing controls.
- Data Correlation: Applies machine learning and AI techniques to connect collected data and identify relationships among seemingly unrelated aspects of the breach activity, spotting elements of a breach that otherwise would have been missed with limited security staffing and other tools.
- Anomaly Detection: Builds a profile of normal network activity using machine learning, and correlates anomalies in the context of detected breaches, providing improved threat analytics without overwhelming analysts with benign anomalies.
- Manual or automated response enables an organization to implement mitigating controls to help secure their organization
- Integrations with existing security infrastructure improve the effectiveness of current security products, staff, and processes
- Cloud-based architecture and flexible deployment options reduce the cost and complexity of eliminating advanced threats
"Lastline provides unmatched breach detection with a single product that correlates network anomalies, threat intelligence, and our deep visibility of malware behavior," said Brian Laing, Lastline VP of business development and products. "Lastline Breach Defender provides all the capabilities enterprises need to detect breaches quickly with minimal false positives, remediate them more efficiently and effectively, and do so with fewer resources, protecting the organization from costly and damaging data breaches."