Cover Your Entire Enterprise
secure your entire network footprint
Lastline provides comprehensive breach detection of advanced and evasive threats across your entire enterprise — different operating systems (Windows, Mac OS X, and Android), physical and virtual hosts, services, users, network infrastructure and Web, email, content, and mobile applications.
Deploy multiple layers of defense
cover every network — physical or virtual
Strategically position defenses across not only your perimeter, but also your data center, internal networks and distribution layers to add additional security and prevent lateral infection spread. Lastline software can be installed on standard server hardware or virtual instances, so deployment is possible in environments where the installation of an appliance is not.
with per-user pricing
Lastline’s flexible software-based platform allows organizations to scale their breach defenses on a predictable basis, from a single location to an infinite number of remote, branch, and mobile offices. Licensing is done by user – not by location, appliance or bandwidth.
Detect Evasive Threats That Others Miss
with full-system emulation
Lastline detects unknown threats (APTs, ATAs, zero-days, etc.) specifically designed to evade first-generation APT sandbox appliances. When compared to competing approaches such as virtualization and OS emulation, Lastline’s full-system emulation provides the deepest level of visibility into unknown malware behavior and is also the hardest for evasive malware to circumvent. The result is the successful detection of highly-evasive malicious attacks that others simply don’t see.
Advanced Threat Intelligence
be aware of the latest advanced threats
Lastline’s unique threat intelligence database contains advanced and evasive attack information that no other security vendor can provide. Built on more than ten years of R&D, this knowledge base contains active command and control (C&C) servers, objects with zero-day exploits, toxic web sites and malware distribution points identified as having breach intent. Import custom IDS/IPS rules, YARA rules, and threat intelligence to adjust environment for analysis and defend against threats specific to your organization. This database is continuously updated in real-time with intelligence from partner and customer environments.
Rapid Detection Regardless of Volume
every second counts when you are under attack
The Lastline Breach Detection Platform identifies key indicators of compromise (IOCs) for breach confirmation and draws on real-time threat intelligence to trigger incident response and block attacks immediately. Elastic analysis capabilities allow the next-generation sandbox to handle changes in volume without compromising the speed or integrity of analysis. Suspicious traffic and objects are analyzed in real time — not minutes or hours — providing the quickest time to notification and remediation.
Respond to Advanced Attacks
more signal, less noise
Breach analysis results are presented via a web-based portal using an incident-centric approach in which evidence from next-generation sandbox analysis, network monitoring, and anomaly detection are correlated to provide actionable analyses of ongoing incidents. Indicators of compromise (IOCs) associated with evasive malware and command and control traffic (C&C) are prioritized to reduce noise and save responders time.
Integrate With Your Security Systems
with simple connectors and a robust API
Powerful APIs were designed to complement traditional security investments (network, end-point, and management systems) and optimize existing SOC and IR operational workflows. Push blocking rules to NGFWs (Next-Generation Firewalls), send breach event information to your SIEM (Security Information Event Management), block in-line with IPSs (Intrusion Prevention Systems) and add evasive malware understanding to SWGs (Secure Web Gateways).
Proactively block known malicious objects & network traffic
Lastline’s advanced threat intelligence can feed to existing security investments, such as Next-Generation Firewalls or Intrusion Prevention Systems, to provide security analysts and incident responders with additional behavior information and context on threats.
Quickly respond to the unknown
In the case that a previously unknown or zero-day exploit is identified, the Lastline platform provides sensors and 3rd party security systems with updated intelligence to create blocking rules that stop active breaches.
Choose the deployment solution that’s best for your Enterprise.
Deploy in your private cloud or ours
because everyone loves options
Lastline Enterprise was designed with flexibility in mind. If your Enterprise is restricted by strict privacy laws and policies, deploy on-premise, and install components in your data center. Network behavior models associated with malware will be regularly downloaded from Lastline. Or choose the hosted deployment model and Lastline will manage the backend infrastructure for you.