Lastline Defender is best for organizations that have a SOC with full-time security analysts; typically 1,000+ employees. Users are Level 1, 2 and 3 security analysts, across any industry or geography.
Lastline Defender uses a combination of four complementary technologies, powered by AI, to deliver highly effective network detection and response against sophisticated threats with minimal false positives.
1. Network Traffic Analysis detects anomalous activity and malicious behavior as it moves laterally across a network.
2. Intrusion Detection and Prevention (IDPS) detects and prevents known threats attempting to enter a network.
3. File analysis detects malicious content attempting to enter your network via the web, email or file transfers.
4. Global Threat Intelligence updates Lastline Defender's detection and analysis capabilities in real time.
Users need knowledge of cyber threats and attack vectors to realize the greatest benefit from the high-fidelity insights that Lastline Defender delivers.
1. Our malware analysis is widely regarded as the best in the industry, as demonstrated by independent tests in which we achieved 100% breach detection with zero false positives.
2. Our deep understanding of malicious behaviors informs our network traffic analysis to discern between malicious anomalies and benign activity.
3. We provide an intrusion blueprint, detailed timeline, detailed malicious behaviors and other insights needed to completely remediate an attack.
4. Lastline automates protection by integrating with third-party products, incident response workflows, and custom applications, whether on-premises or in the cloud. Existing security controls can automatically send unknown objects and websites to Lastline for analysis and receive actionable threat intelligence to automate response workflows.
Darktrace
Vectra
ExtraHop
Our competitors use anomaly detection to detect unusual activity in a network. Unfortunately for their users, a lot of benign activity can still appear anomalous, which generates a lot of false positives that need to be manually reviewed. Lastline's understanding of what malware actually does enables us to distinguish between benign and malicious anomalies, improving detection of cyber attacks while minimizing false positives.
In 2019 we announced new security capabilities for public cloud workloads. In 2020 we'll continue to expand the cloud platforms we protect and our overall cloud security capabilities.
Lastline Defender was developed from the beginning with an understanding of the importance of integrations. Accordingly we offer built-in integrations with dozens of technology partners and provide robust APIs to optimize current technologies, staff, and processes.
Pricing is based on the number of users (that is, the number of people on an organization's network who are being protected). Customers can deploy as many sensors as they want at no additional charge, using off-the-shelf hardware or VMs.
We offer a "proof of value" trial to qualified prospective customers.
Deployment can be either on premises or hosted (SaaS). For our hosted customers, implementation typically takes less than 30 minutes.