Lastline Illuminates Advanced Malware Behaviors To Defeat Cyber Attacks

By ISBuzz Team
Writer, Information Security Buzz | Feb 08, 2017 05:00 pm PST

Spring 2017 Release of Market-leading Malware Protection Solution Eliminates Browser-based Exploits, Accelerates Incident Investigation, and Alerts on Anomalous Network Traffic.

LONDON, UK. Lastline Inc., the leader in advanced malware protection, announced its latest enhancements to Lastline Enterprise for Global 5000 companies. The Spring 2017 Release adds capabilities to detect and eliminate browser-based attacks, speed incident investigation for security professionals, and provide early warning of unusual or suspicious network activity.

“We worked very closely with our largest global customers and partners to identify enhancements that ensure our solution addresses attack vectors that are causing the most pain,” said Brian Laing, Vice President Product and Business Development. “We focused on detecting advanced browser-based threats that target unsuspecting end-users because these are impossible for legacy sandboxes to identify and prevent.”

This release also expands the ability for all organisations to benefit from the shared information stored within the Lastline Global Threat Intelligence Network. The company has substantially expanded the breadth, depth, and immediacy of threat intelligence data available to security analysts, for whom every second counts when trying to quickly understand and respond to malware and potentially damaging data breaches. Furthermore, the solution now includes network anomaly detection that speeds detection of malicious activity before a company suffers any data exfiltration.

“Customer response has been extremely positive. These additional features offer unparalleled visibility and protection, improving security team productivity and ultimately protecting their organisations against today’s advanced cyber attacks,” explained Laing.

Major enhancements of the Spring 2017 Release include:

  • Rapid detection of browser-based exploits.

Lastline Enterprise Web Threat Detection leapfrogs signature- and reputation-based detection technologies to provide superior visibility into and protection from web threats that target browser vulnerabilities and do not rely on files being downloaded onto victims’ devices. Criminals are hiding malicious JavaScript within HTML code that’s delivering rich web browser content. Security teams now have visibility into the actions taken by these drive-by attacks or other zero-day threats.

  • Faster incident response using shared global threat intelligence.  

Security professionals now have expanded access to detailed malware Indicators of Compromise (IOCs) stored in the Lastline Global Threat Intelligence Network. Security Operations Center (SOC) Analysts can search the network to learn the behaviors of malicious code seen in the wild and leverage network and endpoint IOCs to apply the experience of other companies towards proactively defending their organisation against targeted attacks. Security professionals now can analyse threats within the global threat context, including information about attack types, frequency, and alignment with an overall malware campaign.

Lastline customers also now can receive alerts when IOCs matching user-defined criteria are detected by any Lastline customer or partner, or were previously captured in the Global Threat Intelligence Network. For instance, security teams can be alerted when malware is identified targeting their company. Security teams can proactively use this advanced reconnaissance to defend against the attack vectors prior to any malware infiltration.

  • Automated detection of anomalous network traffic.

Lastline Enterprise can now detect suspicious network traffic and issue an alert to security analysts. Anomalous network behavior is often a precursor to data exfiltration, and detecting it enables security analysts to respond before suffering any data loss. SOC Analysts and Network Administrators will see how active traffic compares to historic norms, spotting anomalies that often are early indicators of compromised systems.

Lastline Enterprise also associates anomalous network traffic patterns with malware behavior, allowing for faster remediation of data breaches. Security professionals gain visibility into security threats that target explicit devices – for example, IP addresses and protocols – and identify policy violations.