Palo Alto Networks + LightCyber Solution Brief

PALO ALTO NETWORKS + LIGHTCYBER MAGNA
SOLUTION BRIEF
HIGHLIGHTS
• Detect and remediate attacks early in the attack life cycle, and minimize or eliminate damage potential
• Isolate breached computers, stopping attacks at an early stage
• Block access to command & control servers and other malicious hosts to prevent additional computers from becoming compromised
TODAY’S SECURITY CHALLENGE
Targeted attacks continue to succeed in breaching organizations across all industries. Creative and persistent attackers almost always find an attack vector to
achieve a beachhead and then advance the attack within the targeted organization.
Traditional security solutions are often blind to subsequent attack stages, when the
attacker operates freely inside the organization and conducts a variety of reconnaissance and lateral movement actions en route to the objective.
SOLUTION OVERVIEW
By integrating network traffic inspection, endpoint state, and cloud-based threat
intelligence, LightCyber Magna accurately detects compromised systems and
stolen credentials inside the organization early in the attack lifecycle. This enables
joint Palo Alto Networks and LightCyber customers to rapidly remediate breaches
and stop attacks before serious damage is done.
The integration of LightCyber Magna with Palo Alto Networks next-generation
firewalls expands the Magna breach detection solution with remediation capabilities by leveraging the existing Palo Alto Networks security infrastructure to isolate
compromised endpoints and block identified command and control channels. The
combined solution enables joint customers to dramatically reduce attack dwell
time and minimize or eliminate related damage.
LightCyber Magna uses the Palo Alto Networks APIs to modify the firewall policy
using PAN-OS Dynamic Address Groups. Blocked addresses are automatically applied to predefined policy groups, which in turn can dynamically update security
policies, thereby empowering security operators to rapidly isolate compromised
devices and command and control channels.
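The tagging step behind a Dynamic Address Group can be sketched as follows. This is an added example, not LightCyber or Palo Alto Networks code: it assumes the PAN-OS XML API tag registration message (a `uid-message` sent with `type=user-id`), and the tag name and protected-host list are hypothetical. It only builds the payload, refusing to quarantine protected infrastructure or malformed addresses.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Assumed tag name; a Dynamic Address Group on the firewall would match on it.
QUARANTINE_TAG = "magna-quarantine"

# Constructed sample: hosts that containment automation must never isolate.
PROTECTED = [ipaddress.ip_network(n) for n in ("10.0.0.10/32", "10.0.0.53/32")]


def build_uid_message(addresses, action="register", tag=QUARANTINE_TAG):
    """Return (xml_payload, rejected) for a tag register/unregister request."""
    if action not in ("register", "unregister"):
        raise ValueError("action must be 'register' or 'unregister'")
    root = ET.Element("uid-message")
    ET.SubElement(root, "version").text = "1.0"
    ET.SubElement(root, "type").text = "update"
    section = ET.SubElement(ET.SubElement(root, "payload"), action)
    accepted, rejected = set(), []
    for raw in addresses:
        try:
            ip = ipaddress.ip_address(raw.strip())
        except ValueError:
            rejected.append((raw, "not an IP address"))
            continue
        # Guard applies to registration only; removing a tag is always allowed.
        if action == "register" and any(ip in net for net in PROTECTED):
            rejected.append((raw, "protected host"))
            continue
        if ip in accepted:
            continue  # de-duplicate repeated detections of the same host
        accepted.add(ip)
        entry = ET.SubElement(section, "entry", ip=str(ip))
        ET.SubElement(ET.SubElement(entry, "tag"), "member").text = tag
    return ET.tostring(root, encoding="unicode"), rejected


if __name__ == "__main__":
    # Constructed detections: a workstation (twice), a protected host, bad input.
    xml, skipped = build_uid_message(
        ["10.1.20.37", "10.0.0.53", "10.1.20.37", "bad<ip>"])
    print(xml)
    print(skipped)
```

The rejected list is worth logging on the detection side, since a containment request that was silently dropped looks identical to one that succeeded.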
PALO ALTO NETWORKS - LIGHTCYBER INTEGRATION
[Figure: integration diagram showing MAGNADETECTOR, Core Switch, Switch and PALO ALTO NETWORKS, with four numbered steps]
1 Magna Detects an Active Attacker on an Endpoint in the Network
2 Magna Updates Palo Alto Networks NGFW to Block/Contain the Affected Endpoint
3 Lateral Movement is Prevented
4 Command & Control and Data Exfiltration is Blocked
WHAT MAKES LIGHTCYBER UNIQUE?
LightCyber Magna Active Breach Detection platform profiles user and device
behavior and accurately detects anomalous attack behavior at any time during
the active attack lifecycle. Magna employs a unique Multivariate Attack Detection
methodology that ingests a wide array of data, including full network context
(DPI), endpoint state (agentless) and cloud-based threat intelligence. Focusing
detection upon attack behavior rather than simple technical artifacts of malware
enables Magna to be much more accurate and empowers users to rapidly identify
and remediate breached devices and user accounts. LightCyber Magna™ delivers
a three-step automated methodology, closing the breach detection gap:
DETECT
• Behavior-Based Profiling with Multivariate Attack Detection
  - Comprehensive Network-Based (DPI) and Endpoint (Agentless) Inputs
  - Profiles User & Device Behavior
  - Detects Attack Activity Across All Phases of Attack
• Automates Attack Detection and Diagnosis Tasks
VALIDATE
• Actionable Alerts with Targeted Forensics (2-5 / Day)
• Associate Malicious Network Behavior and Endpoint State
• Cloud Expert System Leverages Threat Intel to Augment Accuracy
REMEDIATE
• Log Integration with Leading SIEM Platforms
• User / Device Containment via AD, NAC, & NGFW Platform Integration
WHAT MAKES PALO ALTO NETWORKS UNIQUE?
Palo Alto Networks is leading a new era in cybersecurity by protecting thousands
of enterprise, government, and service provider networks from cyber threats.
Because of its deep expertise, commitment to innovation and game-changing
security platform, thousands of customers have chosen Palo Alto Networks and it
is the fastest growing security company in the market.
Palo Alto Networks security platform natively brings together all key network
security functions, including advanced threat protection, firewall, IDS/IPS, and
URL filtering. Because these functions are natively built into the platform and
share important information across the respective disciplines, it ensures better
security than legacy firewalls, UTMs, or point threat detection products.
With Palo Alto Networks platform, organizations can safely enable the use of all
applications, maintain complete visibility and control, confidently pursue new
technology initiatives like cloud and mobility, and protect the organization from
cyber attacks - known and unknown.
About LightCyber
LightCyber is a leading provider of Active Breach Detection solutions that accurately detect active cyber attacks that have circumvented traditional threat prevention
systems. The LightCyber Magna™ platform is the first product to actively profile both network traffic and endpoint information to understand the behavior of users, devices
and applications and to detect compromised computers and stolen credentials early in the attack lifecycle, allowing users to remediate breaches and stop attacks before
the damage is done. Founded in 2011 and led by world-class cyber security experts and a seasoned management team, the company’s products have been successfully
deployed by top-tier customers in the financial, legal, telecom, government, media and technology sectors. For more information, please visit http://www.lightcyber.com.
LIGHTCYBER
5050 El Camino, Suite 226
Los Altos, CA
Ph: (844) 560-7976
www.lightcyber.com
Copyright © 2014 LightCyber. All Rights Reserved.