PALO ALTO NETWORKS + LIGHTCYBER MAGNA SOLUTION BRIEF HIGHLIGHTS • Detect and remediate attacks early in the attack life cycle, and minimize or eliminate damage potential • Isolate breached computers, stopping attacks at an early stage • Block access to command & control servers and other malicious hosts to prevent additional computers from becoming compromised TODAY’S SECURITY CHALLENGE Targeted attacks continue to succeed in breaching organizations across all industries. Creative and persistent attackers almost always find an attack vector to achieve a beachhead and then progress an attack within the targeted organization. Traditional security solutions are often blind to subsequent attack stages, when the attacker operates freely inside the organization and conducts a variety of reconnaissance and lateral movement actions en route to perpetrating the objective. SOLUTION OVERVIEW By integrating network traffic inspection, endpoint state, and cloud-based threat intelligence, LightCyber Magna accurately detects compromised systems and stolen credentials inside the organization early in the attack lifecycle. This enables joint Palo Alto Networks and LightCyber customers to rapidly remediate breaches and stop attacks before serious damage is done. The integration of LightCyber Magna with Palo Alto Networks next-generation firewalls expands the Magna breach detection solution with remediation capabilities by leveraging the existing Palo Alto Networks security infrastructure to isolate compromised endpoints and block identified command and control channels. The combined solution enables joint customers to dramatically reduce attack dwell time and minimize or eliminate related damage. LightCyber Magna uses the Palo Alto Networks APIs to modify the firewall policy using PAN-OS Dynamic Address Groups. Blocked addresses are automatically applied to predefined policy groups, which in turn can dynamically update security policies thereby empowering security operators to rapidly isolate compromised devices and command and control channels. PALO ALTO NETWORKS - LIGHTCYBER INTEGRATION 1 Magna Detects an Active Attacker on an Endpoint in the Network MAGNADETECTOR 2 Magna Updates Palo Alto Core Switch Networks NGFW to Block/ Contain the Effected Endpoint PALO ALTO NETWORKS 4 Command & Switch Control and Data Exfiltration is Blocked 3 Lateral Movement is Prevented LightCyber Solution Brief | 1 WHAT MAKES LIGHTCYBER UNIQUE? LightCyber Magna Active Breach Detection platform profiles user and device behavior and accurately detects anomalous attack behavior at any time during the active attack lifecycle. Magna employs a unique Multivariate Attack Detection methodology that ingests a wide array of data, including full network context (DPI), endpoint state (agentless) and cloud-based threat intelligence. Focusing detection upon attack behavior rather than simple technical artifacts of malware enables Magna to be much more accurate and empowers users to rapidly identify and remediate breached devices and user accounts. LightCyber Magna™ delivers a three-step automated methodology, closing the breach detection gap: DETECT • Behavior-Based Profiling with Multivariate Attack Detection −− Comprehensive Network-Based (DPI) and Endpoint (Agentless) Inputs −− Profiles User & Device Behavior −− Detects Attack Activity Across All Phases of Attack • Automates Attack Detection and Diagnosis Tasks VALIDATE • Actionable Alerts with Targeted Forensics (2-5 / Day) • Associate Malicious Network Behavior and Endpoint State • Cloud Expert System Leverages Threat Intel to Augment Accuracy REMEDIATE • Log Integration with Leading SIEM Platforms • User / Device Containment via AD, NAC, & NGFW Platform Integration WHAT MAKES PALO ALTO NETWORKS UNIQUE? Palo Alto Networks is leading a new era in cybersecurity by protecting thousands of enterprise, government, and service provider networks from cyber threats. Because of its deep expertise, commitment to innovation and game-changing security platform, thousands of customers have chosen Palo Alto Networks and it is the fastest growing security company in the market. Palo Alto Networks security platform natively brings together all key network security functions, including advanced threat protection, firewall, IDS/IPS, and URL filtering. Because these functions are natively-built into the platform and share important information across the respective disciplines, it ensure better security than legacy firewalls, UTMs, or point threat detection products. With Palo Alto Networks platform, organizations can safely enable the use of all applications, maintain complete visibility and control, confidently pursue new technology initiatives like cloud and mobility, and protect the organization from cyber attacks - known and unknown. About LightCyber LightCyber is a leading provider of Active Breach Detection solutions that accurately detects active cyber attacks that have circumvented traditional threat prevention systems. The LightCyber Magna™ platform is the first product to actively profile both network traffic and endpoint information to understand the behavior of users, devices and applications and to detect compromised computers and stolen credentials early in the attack lifecycle, allowing users to remediate breaches and stop attacks before the damage is done. Founded in 2011 and led by world-class cyber security experts and a seasoned management team, the company’s products have been successfully deployed by top-tier customers in the financial, legal, telecom, government, media and technology sectors. For more information, please visit http://www.lightcyber.com. LIGHTCYBER 5050 El Camino, Suite 226 Los Altos, CA Ph: (844) 560-7976 www.lightcyber.com LightCyber Solution Brief | 2 Copyright © 2014 LightCyber. All Rights Reserved.
© Copyright 2024