When your data and systems are the lifeblood of your organisation or if a breach is simply unimaginable, you need a security defence you can rely on.
Lastline’s Breach Detection Platform broke records this year when it was the first product EVER to achieve a perfect score, detecting 100% of HTML, Email, and SMB malware with NO false positives in NSS Labs Breach Detection System Test. Lastline was also named a leader in The Forrester Wave™ Automated Malware Analysis Report, Q2 2016.
If you're serious about security, you need Lastline in your defence.
Lastline detects unknown threats (APTs, ATAs, zero-days etc) specifically designed to evade first-generation APT sandbox appliances. When compared to competing approaches such as virtualisation and OS emulation, Lastline's full-system emulation provides the deepest level of visibility into unknown malware behaviour and is also the hardest for evasive malware to get round. The result is the successful detection of highly-evasive malicious attacks that others simply don’t see.
Lastline’s unique threat intelligence database contains advanced and evasive attack information that no other security vendor can provide. Built on more than ten years of R&D, this knowledge base contains active command and control (C&C) servers, objects with zero-day exploits, toxic web sites and malware distribution points identified as having breach intent. Import custom IDS/IPS rules, YARA rules, and threat intelligence to adjust environment for analysis and defend against threats specific to your organisation. This database is continuously updated in real-time with intelligence from partner and customer environments.
The Lastline Breach Detection Platform identifies key indicators of compromise (IOCs) for breach confirmation and draws on real-time threat intelligence to trigger incident response and block attacks immediately. Elastic analysis capabilities allow the next-generation sandbox to handle changes in volume without compromising the speed or integrity of analysis. Suspicious traffic and objects are analysed in real time — not minutes or hours — providing the quickest time to notification and remediation.
Breach analysis results are presented via a web-based portal using an incident-centric approach in which evidence from next-generation sandbox analysis, network monitoring, and anomaly detection are correlated to provide actionable analyses of ongoing incidents. Indicators of compromise (IOCs) associated with evasive malware and command and control traffic (C&C) are prioritised to reduce noise and save responders time.
Powerful APIs were designed to complement traditional security investments (network, end-point, and management systems) and optimise existing SOC and IR operational workflows. Push blocking rules to NGFWs (Next-Generation Firewalls), send breach event information to your SIEM (Security Information Event Management), block in-line with IPSs (Intrusion Prevention Systems) and add evasive malware understanding to SWGs (Secure Web Gateways).
Lastline's advanced threat intelligence can feed to existing security investments, such as Next-Generation Firewalls or Intrusion Prevention Systems, to provide security analysts and incident responders with additional behaviour information and context on threats.
In the case that a previously unknown or zero-day exploit is identified, the Lastline platform provides sensors and 3rd party security systems with updated intelligence to create blocking rules that stop active breaches.
In our resources section, we have extra information, intelligence and insight to help you understand more about Lastline, the current cyber threat landscape and Lastline's unique solution.