Detecting and Responding To Advanced Threats Faster: Lastline Delivers the Most Effective and Comprehensive Security Platform

Lastline is revolutionizing the way companies improve network breach protection with malware detection tools that uncover malware- and browser-based attacks and malicious network activity before suffering a costly data breach. And Lastline enables to do this with fewer resources and at a lower cost than existing malware detection tools.

In 2011, Drs. Engin Kirda, Christopher Kruegel, and Giovanni Vigna, three of the world’s most influential academic researchers in cybersecurity, founded Lastline. The company’s vision is informed by the founders’ world-renowned research on malware analysis and evasion techniques, academically-rooted rigor, innovative approaches to network breach protection, and a passion to improve enterprise cybersecurity.

Lastline’s unmatched level of visibility, accuracy, and effectiveness, and its focus on IT managers’ ever-increasing pressure to secure company networks and assets has resulted in the company providing specific, actionable, context-rich threat intelligence and decreased data loss to many of the largest and most successful companies around the world.

The Lastline Mission

The company’s mission is to enable its customers to defend their organizations against advanced, evasive malware that cause costly data breaches.

Lastline is dedicated to continuous innovation to provide the best defense against and the most complete visibility into the behavior of advanced malware. Its solution rapidly detects advanced malware that other security solutions miss, eliminating data breaches, therefore saving money and time for its customers while protecting their valuable data and brand reputation.

The World-Class Solutions

How Lastline Achieves Specific Breach Protection Goals

Lastline’s advanced malware detection and breach protection solutions provide the visibility, context, and integration one needs to protect the network from malware-based attacks, for a wide range of use cases. Organizations choose Lastline to:

• Respond to Network Breaches
• Defeat Malicious Emails
• Protect Against Malicious Websites
• Analyze Network Traffic
• Detect Malware on Endpoints
• Block Malicious Objects

Breach Protection Platform

Lastline has created the industry’s most complete Breach Protection Platform to deliver the visibility, context, and integration one needs to defend the network from breaches. It is built on Lastline’s expertise gained from over 10 years of research focused on detecting advanced malware and its behavior once inside a network.

The Lastline Breach Protection Platform provide with a dynamic blueprint of a breach as it unfolds in the network. This blueprint provides with complete breach visibility and context, displaying movement of the attack across the network and the global context of all indicators of compromise (IOCs) related to the attack.

Understanding Advanced Malware

Evasive malware can easily escape detection by “advanced” security technologies like sandboxes, firewalls, and intrusion prevention systems. Evasive malware avoids being detected by sandboxes or other security controls by altering its behavior and adopting one or more evasion tactics.

Lastline detection technology is designed to remain hidden while interacting with advanced malware. The company’s Deep Content Inspection™ environment engages with the malware to catalog every malicious action the malware can take and provide actionable malware analytics. It provides with complete visibility of the full range of malicious behavior engineered within the malware.

Case Study

GTMaritime GTMailPlus: Protecting Email from Advanced Threats at Sea and Across the Globe

The Challenge

How do you communicate with the world from the middle of the Atlantic or the Pacific Ocean? Consider also being aboard a gigantic, steel framed engine, carrying potentially explosive products or life-saving supplies from one side of the world to the other for months at a time. Now factor in how email is exploited as an attack vector against vessels as recently seen in news headlines.

Cybercriminals target ships at sea for a number of reasons, including ransomware (demanding payment to return control of a ship’s navigation system, for example), identity theft (targeting ship email systems in order to infect unsuspecting crew members), and politically-driven motives, such as decreasing a naval vessel’s defensive capabilities. Regardless of the initial motive, the collateral impact of crippling a ship’s communications systems includes isolating the crew from friends and family.

The Solution

Using Lastline’s advanced malware analysis for email systems; GTMaritime designed GTMailPlus as a cutting-edge service optimized for use in demanding, remote maritime environments. GTMaritime deployed the Lastline sensor inline in full Mail Transfer Agent (MTA) mode to isolate, independently analyze, and block malicious attachments and URLs before they are routed to recipients. The Lastline analysis provides evidence-based reporting so that GTMaritime’s incident response engineers have complete transparency.

The Results

GTMailPlus is a secure, reliable, cloud-based service that secures essential business communications in an optimized manner. The web dashboard allows for the remote configuration and administration of vessels. Both crew and shore-based IT teams benefit from simple, effective, and efficient processes.

Testimony

“Lastline came out as the clear leader in our evaluation on two counts. First, the integration of the Sensor into our security stack was seamless. Second, the Lastline Deep Content Inspection could detect what others missed with virtually no false positives.”

Meet the Chief

Christopher Kruegel, Ph.D., Co-founder, and CEO: Christopher’s research interests focus on computer and communications security, with an emphasis on malware analysis and detection, web security, and intrusion detection.

Christopher is a Professor of Computer Science at UC Santa Barbara. He has published more than 100 peer-reviewed papers in top computer security conferences and has been the recipient of the NSF CAREER Award, MIT Technology Review TR35 Award for young innovators, IBM Faculty Award, and several best paper awards. Christopher regularly serves on program committees of leading computer security conferences including Program Committee Chair of the Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET, 2011); the International Symposium on Recent Advances in Intrusion Detection (RAID, 2007); the ACM Workshop on Recurring Malcode (WORM, 2007), and the ACM Conference on Computer and Communications Security (CCS 2016). He was also the head of a working group that advised the European Commission (EC) on defenses to mitigate future threats against the Internet and Europe’s cyber-infrastructure.

“We want to build the best products in the industry, and we are proud of our technology. In security, it’s not always easy for customers to understand and evaluate the pros and cons of different solutions. We believe in substance, and we put the security of our customers first.”