you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services

Transcription

1 MSSP you us are a Managed Security Service Provider looking to offer Advanced Malware Protection Services Lastline is the only company with 10+ years of academic research focused on detecting advanced malware. With Lastline s software platform, your company can add premium, highly-profitable, advanced malware protection to your service offering. Your Advanced Malware Protection Services: Empower your customers to catch and stop advanced malware that traditional security technologies and first-generation APT defense systems miss while complementing your traditional managed security services with a software solution that is practical for your business model. Business Benefits: Improve your margin Drive top-line revenue Upsell to your base Enhance service offering No hardware to finance Service Benefits: Serve various customers Subscription pricing Co-branded availability Operationally scalable Serve multiple networks Lastline products provide a rich (Application Protocol Interface) that can connect to 3rd party network security products and includes multi-vector support, so that you can offer advanced malware managed security services for , web, content and mobile Zero-Day Exploits Web Content Polymorphic Viruses Evasive Malware APAC: of 5

2 How is Lastline different? Lastline software products have been designed and developed to operate in multi-tenant environments. We provide unparalleled scalability, protection, management, and integration with existing systems to optimize your MSSP operational process. Your Service Differentiation With Lastline Flexible multi-tenant architecture allows for scalability as your customer base grows. Lastline offers the ability to deploy on commodity hardware or in virtual environments, so you and your customers can deploy without having to worry about expensive proprietary hardware costs. Highlights Scalability Multi-tenant architecture Roll-out to multiple customer locations Provide services at multiple price points Protection Actionable threat intelligence Next-generation sandbox Complementary to traditional defenses Management Lastline has superior detection. By using both network and object analysis techniques, Lastline lets you accurately identify highlyadvanced threats and stop them. Lastline s full-system emulation functionality dissects not only APTs, but advanced malware crafted to evade detection of traditional sandboxes used by first-generation APT security vendors. Correlation of advanced threats Threat scoring for surgical analysis Threat taxonomy for complete understanding Interoperability Interconnect with other security systems Make your single pane malware aware Empower your ops to customize systems APAC: of 5

3 Managing alerts is simple. The platform correlates several low-level events into a few high-level incidents, to enable your staff to quickly and cost-effectively respond to threats impacting your customers. Detailed drill-down capabilities also allow for a clear understanding of the entire threat taxonomy. Infection Incident 1 Incident 2 Incident 3 Lastline s unrivaled capabilities allow you to easily integrate our software solution with existing security infrastructure to add malware understanding and better protect against advanced cyber threats. SWGs (secure web gateways), IPSs (Intrusion Protection System), NGFWs (next-generation firewalls) and SIEM (Security Information Event Management) installations can interoperate seamlessly with the Lastline platform. Analysis SIEM Object Analysis Endpoint & Cloud APAC: of 5

4 How will Lastline work in your environment? Lastline s platform consists of five core components: Component Function Sensor Sensors, provide multi-vector support. Can analyze network, , web, content and mobile traffic. Sensors can extract objects for advanced malware analysis and stop cyber threats. Sensors can run on commodity servers or VMware instances. Manager Managers, are multi-tenant, and interconnect Sensors to Engines. Managers route objects for analysis to Engines. Managers correlate threat events into incident views of network and object activity. Managers can be installed on commodity servers or hosted by Lastline. Analysis 3rd Party Security Engine Engines analyze objects with a nextgeneration sandbox using full-system emulation. This approach allows for greater visibility of advanced malware. Engines can be installed on commodity servers or hosted by Lastline. SIEM Object Analysis Endpoint & Threat Intel Lastline crawls the web, uses emulated browsers, machine learning, information on objects analyzed, big data analytics to build a knowledge base of malicious objects, bad IP addresses and active command-and-control systems. Available as a subscription service. Cloud The (Application Program Interface) provides the ability to submit objects for advanced malware analysis from any 3rd party sensor or system, query the Threat Intelligence and display pertinent threat level information. Available with the platform. APAC: of 5

5 Lastline s platform can easily be deployed in your environment and your customer s network. Lastline Environment MSSP Environment Customer Locations Security Operations Center Integrate with existing management Correlate events HQ Web Data Center SITE 1 Content Threat Intelligence Multi-tenant Manager SITE 2 SITE 3 Engines VM Lastline s Environment In Your MSSP Environment Customer s Environment The multi-tenant Managers in your data center pull the latest Threat Intelligence of known advanced threats from Lastline. This intelligence gets pushed to the Sensors in your customers networks from your Managers. The Manager and Engine components are installed onpremise in your private data center. As the need to inspect more objects for advanced malware increases, simply install and cluster additional Engines. Managers correlate events processed by all sensors and engines, and rolls them up via an to your existing management systems. Sensors are deployed throughout your customers locations and layers of defense to monitor traffic and capture objects for advanced malware. Deploy sensors behind traditional NGFW, NIPS, ESG, SWG to inspect , web, content and mobile traffic. Sensors can be deployed on physical or virtual networks. Third-party sensors can also be used to collect objects for Engine analysis. Lastline s Threat Intelligence allows Sensors to identify traffic associated with advanced threats and, depending on the configuration, generate an alarm and/or stop the attack. If the Sensors identify unknown artifacts (programs or documents) being downloaded, they extract the objects from the network and send them to the Engine cluster in your private data center for further analysis using full-system emulation techniques. Start offering advanced malware managed services now using Lastline s premier software platform. About Lastline, Inc. Lastline, Inc. provides the best-in-class malware protection platform to detect and stop advanced persistent threats, zeroday exploits, and evasive malware. The company was founded in 2011 by world-renowned security researchers and creators of Anubis and Wepawet malware analysis tools used by thousands of security vendors, enterprises, and government agencies worldwide. The company is headquartered in Redwood City, California, with offices in North America, Europe and Asia Pacific. To learn more, visit. APAC: of 5