D ATA S H E E T

We designed the Lastline Breach Protection platform to make it easy for you to incorporate Lastline’s unmatched breach protection technology into your existing infrastructure quickly.

Lastline technology complements your legacy security investments and optimizes your existing workflows. Through our diverse Technology

Alliance Partners, you can integrate data sharing bi-directionally with your third-party products and workflows to accelerate and simplify your

breach detection and response.

You can use your existing security infrastructure to send suspicious content to Lastline for analysis, to increase your visibility into malicious

behavior in your network and detect breaches faster. And, you can also export actionable threat intelligence from Lastline to your

existing security controls and workflows to respond automatically or manually to breaches.

Lastline Integrations Datasheet

MalwareAnalytics

NetworkAnalytics

ThreatAnalytics

Breach Analytics

Breach Protection Platform

Breach Response

TECHNOLOGYALLIANCE PARTNERS

TECHNOLOGYALLIANCE PARTNERS

D ATA S H E E T

Malware AnalyticsAt the core of Lastline’s Breach Protection platform is Deep Content Inspection™, our network-based malware analytics technology. Deep Content Inspection provides comprehensive analysis of every malicious behavior engineered into a piece of malware. It interacts with the malware to observe all the actions a malicious object could take, providing unmatched visibility into the malicious behavior built into the code.

Deep Content Inspection is superior to other malware analysis methods like OS emulation and virtualization because it provides greater visibility into malicious behavior and is virtually impossible to evade. It analyzes email, web, and network traffic in real time—not minutes or hours—providing the fastest time-to-notification and time-to-remediation. This insight enables you to focus your breach response and risk mitigation actions for maximum effectiveness.

Lastline’s Technology Alliance Partners have built-in integration that enables bi-directional data sharing with the Lastline platform. You can quickly integrate Lastline’s advanced malware analytics into your existing security portfolio to maximize the value of previous investments. Deep Content Inspection analyzes unknown objects collected by your current security controls as well as Lastline Sensors.

Network AnalyticsLastline’s Breach Protection platform monitors your network activity, including low-level events and seemingly benign activity, to uncover all malicious events. It facilitates hunting of latent threats residing in your network, resulting from file downloads, website content, and email attachments.

Threat AnalyticsLastline’s Threat Analytics provides global context for any malicious activity detected locally on your network. It enables you to understand how activity on your network relates to

activity detected across Lastline’s customer base, such as:

• Any malware seen by Lastline customers that references an IOC discovered in your network

• Any malware that targets a specific domain or URL

• Industries affected by the attack

Breach AnalyticsLastline Breach Analytics identifies relationships among what appear to be unrelated events from the breach. It correlates the data collected by both Lastline sensors and 3rd party tools, and applies advanced analytics to identify relationships among what appear to be unrelated events.

The result is the Breach Protection platform identifies additional IOCs, suspicious files and unusual behavior exhibited by systems, services, and applications that other tools miss.

Breach ResponseArmed with the visibility and context of the breach, you can use Lastline’s Breach Protection platform to respond quickly and effectively to breaches early in their lifecycle. It delivers data visualization that enables you to quickly understand the scope of the threat, including compromised systems, communication between local and external systems, and data sets accessed.

The accuracy of Lastline’s breach detection enables you to automatically update your other security controls to block critical policy violations and active threats in real time.

D ATA S H E E T

Malware AnalyticsCapture evasive malware and monitor

suspicious network traffic from across

your network

Breach Analytics Correlates the collected data and applies

advanced analytics to generate additional

insight into malicious activity in your

network

Breach ResponseUse Lastline Breach Defender’s high-fidelity

alerts to block threats in your network,

either automatically or manually

The Lastline and Carbon Black integration enables a two-way flow

of threat related data that enhances both products, and significantly

improves analysts’ ability to detect and prevent malware-based attacks.

OpenText Endpoint Security uses Lastline’s Deep Content Inspection to

identify advanced malware and act on Indicators of Compromise (IoCs)

provided by Lastline.

Lastline integrates with the Tanium Endpoint Platform to focus on

incident response and identify the most serious breaches.

The Lastline-Tripwire Endpoint Protection Platform (EPP) joint solution

provides customers with the ability to quickly and effectively detect and

defend against breaches caused by advanced and evasive threats.

Lastline’s Breach Protection platform powers Barracuda’s Advanced

Threat Detection on their cloud-based Email Security Service.

Lastline powers Check Point NGFW and firewall appliances by

delivering advanced malware identification for network protection

from sophisticated threats.

Lastline powers Forcepoint firewall, web security, email security products,

giving Forcepoint customers unmatched detection and visibility of

malicious behavior in their network.

Lastline’s Breach Protection platform powers the Hillstone Networks

Layered Threat Protection cloud-based sandbox solution.

Endpoint Security

Network Gateways - Next-Generation Firewall / Unified Threat Management (NGFW and UTM)

D ATA S H E E T

Lastline powers malware analysis for WatchGuard’s APT Blocker

available in NGFW and UTM appliances.

Lastline’s Breach Protection platform powers Barracuda’s Advanced

Threat Detection on their cloud-based Email Security Service.

Lastline integrates with Forcepoint firewall, web security, email security

products, giving Forcepoint customers unmatched detection and visibility

of malicious behavior in their network.

Lastline’s Breach Protection platform integrates with Cloud Access

Monitor to provide real-time cloud activity monitoring for advanced

threat protection.

Lastline powers the detection of drive-by downloads augmenting the

protection of Nimbusec Website Security Monitor to detect security

incidents on distributed corporate website infrastructures.

Lastline’s Breach Protection platform augments Spamina’s premium

antivirus technology to ensure the highest levels of malware prevention

for corporate email systems.

Lastline’s Deep Content Inspection powers Symantec’s Cloud Access

Security Broker (CASB) to protect web traffic against advanced persistent

threats.

Lastline integrates events, such as suspicious file downloads and irregular

netflow profiles, into HP Enterprise ArcSight holistic security reporting

capabilities.

IBM QRadar supports seamless integration of events produced by

Lastline, such as data breaches and irregular network traffic, into its

comprehensive security reporting capabilities.

Secure Email and Web Gateways and Cloud Access Services

Security Information & Event Management (SIEM)

MALWAREANALYTICS

BREACHANALYTICS

BREACHRESPONSE

D ATA S H E E T

Lastline’s Breach Protection platform is fully interoperable with

the Tipping Point IPS to power advanced malware analysis.

Lastline’s Breach Protection platform integrates with IBM X-Force Malware

Analysis on Cloud-XGS by accepting unknown objects automatically

submitted for in-depth malware analysis. IBM customers can also submit

unknown objects and indicators of compromise (IOCs) manually.

Lastline integrates with Gigamon’s GigaSECURE Security Delivery Platform

to quickly and accurately detect, block, and respond to advanced

malware.

Lastline’s Breach Protection platform integrates with the Symantec

Security Analytics Platform unparalleled accuracy in malware advanced

analysis.

Quickly and accurately detect, block, and respond to advanced malware

in your network by integrating Lastline Enterprise with Gigamon’s

GigaSECURE Security Delivery Platform.

Lastline integrates with Symantec’s SSL Visibility Appliances to detect

active security breaches caused by advanced and evasive threats in

Secure Sockets Layer (SSL) traffic.

Intrusion Prevention Systems (IPS)

Analytics, Management, and Policy

SSL Decryption

MALWAREANALYTICS

BREACHANALYTICS

BREACHRESPONSE

D ATA S H E E T

Experience the Lastline AdvantageFor more information please visit www.lastline.com

LASTLINE CORPORATE HEADQUARTERS

203 REDWOOD SHORES PARKWAY

SUITE 500

REDWOOD CITY, CA 94065

AMERICAS: +1 (877) 671 3239

EMEA: +44 (0) 207 749 5156

APAC: +65 6829 2207

WWW.LASTLINE.COM

© 2018 Lastline, Inc. All rights reserved. All other trademarks are the property of their respective owners. | v. 022718

Lastline’s malware analytics and threat intelligence integrates as a

feed into the ThreatConnect Threat Intelligence Platform delivering

unsurpassed accuracy.

Lastline Analyst integrates with the Phishme Triage system to accept files

and return results of Lastline’s advanced malware analysis.

Threat Intelligence

Anti-Phishing

MALWAREANALYTICS

BREACHANALYTICS

BREACHRESPONSE