DATASHEET
We designed the Lastline Breach Protection platform to make it easy for you to incorporate Lastline’s unmatched breach protection technology into your existing infrastructure quickly.
Lastline technology complements your legacy security investments and optimizes your existing workflows. Through our diverse Technology
Alliance Partners, you can integrate data sharing bi-directionally with your third-party products and workflows to accelerate and simplify your
breach detection and response.
You can use your existing security infrastructure to send suspicious content to Lastline for analysis, to increase your visibility into malicious
behavior in your network and detect breaches faster. You can also export actionable threat intelligence from Lastline to your
existing security controls and workflows to respond automatically or manually to breaches.
Lastline Integrations Datasheet
[Figure: Breach Protection Platform (Malware Analytics, Network Analytics, Threat Analytics, Breach Analytics, Breach Response) and Technology Alliance Partners]
Malware Analytics
At the core of Lastline’s Breach Protection platform is Deep Content Inspection™, our network-based malware analytics technology. Deep Content Inspection provides comprehensive analysis of every malicious behavior engineered into a piece of malware. It interacts with the malware to observe all the actions a malicious object could take, providing unmatched visibility into the malicious behavior built into the code.
Deep Content Inspection is superior to other malware analysis methods like OS emulation and virtualization because it provides greater visibility into malicious behavior and is virtually impossible to evade. It analyzes email, web, and network traffic in real time—not minutes or hours—providing the fastest time-to-notification and time-to-remediation. This insight enables you to focus your breach response and risk mitigation actions for maximum effectiveness.
Lastline’s Technology Alliance Partners have built-in integration that enables bi-directional data sharing with the Lastline platform. You can quickly integrate Lastline’s advanced malware analytics into your existing security portfolio to maximize the value of previous investments. Deep Content Inspection analyzes unknown objects collected by your current security controls as well as Lastline Sensors.
Network Analytics
Lastline’s Breach Protection platform monitors your network activity, including low-level events and seemingly benign activity, to uncover all malicious events. It facilitates hunting of latent threats residing in your network, resulting from file downloads, website content, and email attachments.
Threat Analytics
Lastline’s Threat Analytics provides global context for any malicious activity detected locally on your network. It enables you to understand how activity on your network relates to activity detected across Lastline’s customer base, such as:
• Any malware seen by Lastline customers that references an IOC discovered in your network
• Any malware that targets a specific domain or URL
• Industries affected by the attack
Breach Analytics
Lastline Breach Analytics identifies relationships among what appear to be unrelated events from the breach. It correlates the data collected by both Lastline sensors and third-party tools, and applies advanced analytics to surface those relationships.
As a result, the Breach Protection platform identifies additional IOCs, suspicious files, and unusual behavior exhibited by systems, services, and applications that other tools miss.
Breach Response
Armed with the visibility and context of the breach, you can use Lastline’s Breach Protection platform to respond quickly and effectively to breaches early in their lifecycle. It delivers data visualization that enables you to quickly understand the scope of the threat, including compromised systems, communication between local and external systems, and data sets accessed.
The accuracy of Lastline’s breach detection enables you to automatically update your other security controls to block critical policy violations and active threats in real time.
• Malware Analytics: Capture evasive malware and monitor suspicious network traffic from across your network
• Breach Analytics: Correlates the collected data and applies advanced analytics to generate additional insight into malicious activity in your network
• Breach Response: Use Lastline Breach Defender’s high-fidelity alerts to block threats in your network, either automatically or manually

Endpoint Security
The Lastline and Carbon Black integration enables a two-way flow of threat related data that enhances both products, and significantly improves analysts’ ability to detect and prevent malware-based attacks.
OpenText Endpoint Security uses Lastline’s Deep Content Inspection to identify advanced malware and act on Indicators of Compromise (IoCs) provided by Lastline.
Lastline integrates with the Tanium Endpoint Platform to focus on incident response and identify the most serious breaches.
The Lastline-Tripwire Endpoint Protection Platform (EPP) joint solution provides customers with the ability to quickly and effectively detect and defend against breaches caused by advanced and evasive threats.

Network Gateways - Next-Generation Firewall / Unified Threat Management (NGFW and UTM)
Lastline’s Breach Protection platform powers Barracuda’s Advanced Threat Detection on their cloud-based Email Security Service.
Lastline powers Check Point NGFW and firewall appliances by delivering advanced malware identification for network protection from sophisticated threats.
Lastline powers Forcepoint firewall, web security, email security products, giving Forcepoint customers unmatched detection and visibility of malicious behavior in their network.
Lastline’s Breach Protection platform powers the Hillstone Networks Layered Threat Protection cloud-based sandbox solution.
Lastline powers malware analysis for WatchGuard’s APT Blocker available in NGFW and UTM appliances.

Secure Email and Web Gateways and Cloud Access Services
Lastline’s Breach Protection platform powers Barracuda’s Advanced Threat Detection on their cloud-based Email Security Service.
Lastline integrates with Forcepoint firewall, web security, email security products, giving Forcepoint customers unmatched detection and visibility of malicious behavior in their network.
Lastline’s Breach Protection platform integrates with Cloud Access Monitor to provide real-time cloud activity monitoring for advanced threat protection.
Lastline powers the detection of drive-by downloads augmenting the protection of Nimbusec Website Security Monitor to detect security incidents on distributed corporate website infrastructures.
Lastline’s Breach Protection platform augments Spamina’s premium antivirus technology to ensure the highest levels of malware prevention for corporate email systems.
Lastline’s Deep Content Inspection powers Symantec’s Cloud Access Security Broker (CASB) to protect web traffic against advanced persistent threats.

Security Information & Event Management (SIEM)
Lastline integrates events, such as suspicious file downloads and irregular netflow profiles, into HP Enterprise ArcSight holistic security reporting capabilities.
IBM QRadar supports seamless integration of events produced by Lastline, such as data breaches and irregular network traffic, into its comprehensive security reporting capabilities.

Intrusion Prevention Systems (IPS)
Lastline’s Breach Protection platform is fully interoperable with the Tipping Point IPS to power advanced malware analysis.
Lastline’s Breach Protection platform integrates with IBM X-Force Malware Analysis on Cloud-XGS by accepting unknown objects automatically submitted for in-depth malware analysis. IBM customers can also submit unknown objects and indicators of compromise (IOCs) manually.

Analytics, Management, and Policy
Lastline integrates with Gigamon’s GigaSECURE Security Delivery Platform to quickly and accurately detect, block, and respond to advanced malware.
Lastline’s Breach Protection platform integrates with the Symantec Security Analytics Platform for unparalleled accuracy in advanced malware analysis.

SSL Decryption
Quickly and accurately detect, block, and respond to advanced malware in your network by integrating Lastline Enterprise with Gigamon’s GigaSECURE Security Delivery Platform.
Lastline integrates with Symantec’s SSL Visibility Appliances to detect active security breaches caused by advanced and evasive threats in Secure Sockets Layer (SSL) traffic.
Experience the Lastline Advantage
For more information please visit www.lastline.com
LASTLINE CORPORATE HEADQUARTERS
203 REDWOOD SHORES PARKWAY
SUITE 500
REDWOOD CITY, CA 94065
AMERICAS: +1 (877) 671 3239
EMEA: +44 (0) 207 749 5156
APAC: +65 6829 2207
WWW.LASTLINE.COM
© 2018 Lastline, Inc. All rights reserved. All other trademarks are the property of their respective owners. | v. 022718

Threat Intelligence
Lastline’s malware analytics and threat intelligence integrate as a feed into the ThreatConnect Threat Intelligence Platform, delivering unsurpassed accuracy.

Anti-Phishing
Lastline Analyst integrates with the Phishme Triage system to accept files and return results of Lastline’s advanced malware analysis.