Lastline is the market leading solution that detects advanced malware and provides a deep understanding ofthe Internet's malicious infrastructure. Lastline leverages comprehensive sharedthreat intelligence to provideadvanced malware defenses for companies of all sizes.
Lastline’s patentedtechnology analyzes advanced malware at an unprecedented speed and volume with flexible deployment options. Lastline can analyze binaries and web content as it enters the network, regardless ofwhether itis over the network, web traffic or email. Lastline can map the malicious actions at a level of accuracy and relevance previously unavailable. Lastline's higher level of accuracy and attention to the everyday requirements of IT managers allows for the delivery of actionable threat intelligence to security teams and to companies that rely on managed security services for their protection.
Detect, Decide, Defend
Lastline's unique breach detection technologyintegrates advanced threat detection capabilities seamlessly into your existing security portfolio.
Detect: Capture Evasive Malware & Monitor Suspicious Network Traffic
Decide: Understand Evasive Malware and Indicators of Compromise
Defend: Block Traffic, Log Advanced Threats and Quarantine Malware
Cover Your Entire Enterprise
Lastline provides comprehensive breach detection of advanced and evasive threats across your entire enterprise — different operating systems (Windows, Mac OS X, and Android), physical and virtual hosts, services, users, network infrastructure and Web, email, content, and mobile applications. With its open architecture, Lastline works hand-in-hand with numerous leading technology partners to optimize security operations, reporting, and data visibility.
Deploy Multiple Layers of Defense
cover every network — physical or virtual
Strategically position defenses across not only your perimeter, but also your data center, internal networks and distribution layers to add additional security and prevent lateral infection spread. Most Lastline software can be installed on standard server hardware or be hosted. This means that deployment is possible in environments where the installation of an appliance, is not an option.
with per-user pricing
Lastline’s flexible software-based platform allows organizations to scale their breach defenses on a predictable basis, from a single location to an infinite number of remote, branch, and mobile offices. Licensing is done by user count - not by location, appliance or bandwidth.
Deep Content Inspection™
with full-system emulation (FUSE ™)
Lastline detects unknown malware(sometimes referred to as APTs (Advanced Persistent Threats), ATAs, zero-days, etc.) specifically designed to evade first-generation APT sandbox appliances. When compared to competing approaches such as virtualization and OS emulation, Lastline’s full-system emulation provides the deepest level of visibility into unknown malware behavior and is the hardest for evasive malware to circumvent. The result is the successful detection of highly-evasive malicious attacks that others simply don’t see.
Compared to or compared with? I can’t recall the rule.
Advanced Threat Intelligence
be aware of the latest advanced threats
Lastline’s unique threat intelligence database contains advanced and evasive attack information that no other security vendor can provide. Built on more than ten years of R&D, this knowledge base contains information on active command and control (C&C) servers, objects with zero-day exploits, toxic web sites and malware distribution points identified as having breach intent. Organizations can import custom IDS/IPS rules, YARA rules, and threat intelligence for analysis and defend against threats specific to your organization. This database is continuallyupdated,multiple times per hour, with intelligence from partnerand customer environments.
This sentence doesn’t make sense
Rapid Detection Regardless of Volume
every second counts when you are under attack
The Lastline Breach Detection Platform identifies both endpoint and network indicators of compromise (IOCs) for breach confirmation. It draws on real-time threat intelligence to trigger incident response and proactively block threats. Elastic analysis capabilities allow the Lastline next-generation sandbox to handle changes in volume without compromising the speed or integrity of analysis. NSS Labs recently evaluated Lastline and observed superior throughput performance without compromises – maintaining 100% effectiveness and zero false positives.
We may not want to mention throughput.
Respond to Advanced Attacks
more signal, less noise
Breach analysis results arepresented via a web-based portal using an incident-centric approach.Evidence from next-generation sandbox analysis, network monitoring, and anomaly detection are correlated to provide actionable analyses of ongoing incidents. Indicators of compromise (IOCs) associated with evasive malware and command and control traffic (C&C) are prioritized to reduce noise and save responders time.
Integrate with Your Security Systems
with simple connectors
Lastline’s open architecture makes it easy for Lastline to complement traditional security investments (network, end-point, and management systems) and augment existing SOC and IR operational workflows. Lastline can push blocking rules to NGFWs (Next-Generation Firewalls), send breach event information to your SIEM (Security Information Event Management), block in-line with IPSs (Intrusion Prevention Systems) and add evasive malware understanding to SWGs (Secure Web Gateways).
proactively block malicious objects & network traffic
Lastline's advanced threat intelligence can feed to existing security investments, such as UTMs (Unified Threat Management), next-Generation Firewalls or Intrusion Prevention Systems, to provide security analysts and incident responders with additional behavior information and context on threats. This includes threats that avoid traditional blocking through advanced and unknown means.