LightCyber caught my eye in a briefing as a security tool with a strong selling point. If it sends up a flag, you’ve genuinely got a breached host you need to deal with. Coming from a world of endless firewall logs and IDS/IPS false positives, running into a security product that was picking out actual problems from the background noise was compelling.
We’re pleased to have LightCyber as a Packet Pushers sponsor. The LightCyber team explains their product and what we discuss on the podcast in more detail below.
In this podcast, we introduce the LightCyber Magna Active Breach Detection platform, which detects active breaches that have become all too common and represent one of the biggest concerns in IT security today. Remarkably, most companies do not have the staff or proper tools to detect an active breach that has circumvented conventional threat prevention infrastructure. Broad industry surveys confirm that average attacker dwell time is six months, and that the eventual discovery is made by third parties – not internal IT security. When surveyed, most organizations admit that they have very low confidence in their ability to detect a targeted data breach.
The LightCyber Magna Active Breach Detection platform automatically detects active attackers by identifying the anomalous operational behaviors of an attacker once they land in your network and have compromised a host or user account. By focusing on actual attack behaviors, and not technical artifacts like signatures, blacklisted domains, or specific file actions, Magna provides much higher accuracy breach indicators and eliminates the traditional volume of false positive alerts that require extensive triage and research. Active Breach Detection curtails dwell time of an attack to minimize theft and damage and greatly enhance the productivity of the IT or security organization.
The LightCyber Magna platform utilizes behavioral profiling through machine learning to accurately detect these anomalous attack behaviors. This approach automates the detection and validation process, and creates highly accurate, actionable alerts for the security analysts. The platform is the only solution to incorporate both network (DPI) and endpoint (agentless) context to quickly and accurately determine an active data breach. This combination ensures the best of both worlds – broad visibility from the network that cannot be obscured or circumvented, and details from endpoints that can confirm malicious activity with highly actionable investigative data that enables immediate remediation.
Listen to the podcast for a detailed understanding of how to detect targeted data breaches in your network. For access to videos, demos, white papers and other resources, please visit: http://lightcyber.com/lightcyber-video/.