LightCyber Zeros in on Data Breaches With Increased Accuracy and Actionability

New N2PA Feature Directly Traces Attack Activity Identified on the Network to the Source Executable on the Endpoint

LOS ALTOS, Calif. & RAMAT GAN, Israel--()--LightCyber, a leading provider of Active Breach Detection solutions, today announced Version 3.0 of the LightCyber Magna™ platform that enables even higher levels of accuracy and actionability in finding active network intruders. The introduction of two new features extends the unique attack detection and remediation capabilities enabled through integrated network and endpoint context. The new Network-to-Process Association (N2PA) technology provides the industry’s first ability to directly associate suspicious network traffic with a specific executable process or file on an endpoint via an agentless mechanism. In addition, the new Malicious File Termination (MFT) technology allows a security incident responder to remotely delete a file once it is confirmed as a part of an active attack. With the addition of these two features, security operators will have an even greater ability to efficiently detect active attacks, utilize automatically generated investigative data for incident response and rapidly stop the breach before damage is done.

“Given the well-documented history of breaches at enterprises of all sizes over the last 24 months, it’s clear that sophisticated attackers with enough incentive can figure out how to penetrate even the most sophisticated security infrastructure”

While traditional threat prevention systems have been limited to either an endpoint or network-oriented threat detection context to prevent the initial intrusion attempt, the innovative LightCyber Magna Active Breach Detection platform integrates network activity and endpoint state into a single detection domain to detect active attackers that have circumvented legacy threat prevention systems. Instead of using technical artifacts that might or might not be associated with an attack, LightCyber Magna employs behavioral profiling to identify anomalous attack behaviors that cybercriminals must use to successfully perpetrate their attack, including reconnaissance activities, lateral movements from machine to machine, external communications with command centers and, ultimately, data exfiltration. While prior Magna versions already combined network and endpoint intelligence, version 3.0 with N2PA and MFT provides a significant advance in accuracy and actionability by identifying the specific file or process involved with an active breach and then allowing the incident responder to take immediate action. Actionability and accuracy help reduce attack dwell time and the associated damage potential – the ultimate goal of security organizations.

“Given the well-documented history of breaches at enterprises of all sizes over the last 24 months, it’s clear that sophisticated attackers with enough incentive can figure out how to penetrate even the most sophisticated security infrastructure,” said Jason Matlof, executive vice president, LightCyber. “Once a breach occurs, it is a race against time to find the intruder and stop the attack before theft or damage can occur. N2PA sets a milestone for the industry in accelerating the ability to find and stop targeted attacks with a new level of speed and precision.”

N2PA and MFT are now fully integrated into Magna Pathfinder, the agentless endpoint software subscription service of the Magna platform. Magna Pathfinder automatically inspects suspicious endpoints without downtime or the installation of any kernel or driver agents. N2PA enhances prior Pathfinder endpoint anomaly detection capabilities by directly tying a detected malicious network activity with the originating process running on the source device. The MFT feature enables an incident responder to stop the process remotely and remove the file with a single mouse click. It extends existing Magna remediation capabilities, including integration with next generation firewalls (NGFW), network access control (NAC) protocols, and Microsoft Active Directory permissions.

Version 3.0 of the LightCyber Magna platform will be in general availability by Summer 2015. Existing customers with a maintenance contract will receive a software upgrade. For new customers, it will be the default shipping version of the product.

About LightCyber

LightCyber is a leading provider of Active Breach Detection solutions that accurately detect active cyber attacks that have circumvented traditional threat prevention systems. The LightCyber Magna platform is the first security product to simultaneously profile both network traffic and endpoint state in order to accurately detect compromised user accounts and devices early in the attack lifecycle, and to enable security operators to remediate breaches and stop attacks before real damage is done. Founded in 2011 and led by world-class cyber security experts, the company’s products have been successfully deployed by top-tier customers around the world in the financial, legal, telecom, government, media and technology sectors. For more information, please visit http://www.lightcyber.com or follow us on TwitterLinkedIn and Facebook.

Additional Resources:

Blog post from Jason Matlof, Executive Vice President

http://lightcyber.com/blog/network-and-endpoint-visibility-to-find-active-breaches

Contacts

LightCyber
Steve Schick, 650-388-9155
steve.schick@lightcyber.com