- Data classification and monitoring
- Data loss prevention, or DLP, capabilities
- User activity tracking for anomalies
- Known and unknown malware prevention
- Detailed risk and usage reporting
LightCyber empowers organizations to detect and stop active attacks in their network. Founded by cybersecurity experts in 2012, LightCyber has been leading the industry in the development of automated behavioral analytics capabilities and uses sophisticated machine learning to quickly, efficiently and accurately identify attacks based on identifying behavioral anomalies inside the network. LightCyber’s products have been successfully deployed by top-tier companies in the financial, healthcare, legal, telecom, government, media and technology sectors.
LightCyber detects malicious insiders, targeted external attackers and operationalized malware by monitoring network traffic; learns the behavior of all users and devices; and detects the anomalies that deviate from expected behavior. LightCyber starts with a blank slate and employs unsupervised machine learning to create these baseline profiles. From this ongoing profiling process, LightCyber pinpoints anomalous behaviors that are indicative of an attack or risky user behavior.
Targeted attackers can find ways to compromise systems and infiltrate networks. Once attackers are in the network, they begin a step-by-step process of reconnaissance and lateral movement using networking and admin tools. To stay under the radar, they often avoid using malware or known exploits. However, they still need to understand the network design and find the location of sensitive assets and expand their realm of control to gain access to these assets by conducting reconnaissance and lateral movement.
LightCyber stops attacks early by understanding how users and devices typically behave and by recognizing changes in behavior – such as a regular user performing administrative activity or scanning rarely accessed file shares – to stop an advanced attack early and definitively.
The LightCyber approach focuses on network and endpoint traffic, and on activity within the networking traffic, to drive its primary analysis. LightCyber uniquely offers:
- Unsupervised machine learning to prevent unknown threats. LightCyber catches post-intrusion activity that does not involve malware or known exploits by learning expected behavior and detecting anomalies indicative of an attack.
- Broad inputs to maximize detection accuracy and efficiency. LightCyber analyzes behavior across networks, users and endpoints to automate investigations and confirm suspicious behavior by pinpointing the endpoint process responsible for an attack. To achieve this, it analyzes the process in the cloud.
- Attack mitigation across the entire attack lifecycle. LightCyber detects all stages of the attack lifecycle after the initial intrusion, focusing on hard-to-detect, low-and-slow reconnaissance and lateral movement to which most security products are blind.
- Integrated remediation to prevent cyberattacks. Because LightCyber accurately detects attacks, it can block compromised devices and disable user accounts automatically, or administrators can do it through the click of a button.
LightCyber extends the ability of the Palo Alto Networks platform to mitigate unknown threats inside the network and root out attackers as they perform low-and-slow reconnaissance, expand control, and attempt to manipulate or steal data.
LightCyber enhances and extends our ability to prevent attacks across the attack lifecycle and especially at the internal reconnaissance and lateral movement stages, which are often important to a successful attack. With LightCyber added to our platform, it can further prevent command-and-control activity and data exfiltration by detecting anomalous behavior. You will gain unrivaled protection against targeted attacks, insider threats, risky behavior and malware inside your network.
Since our inception, Palo Alto Networks has pioneered new ways of tackling seemingly impossible security challenges and, along the way, has provided eye-opening visibility into user and application traffic as well as exceptional breach prevention capabilities. The LightCyber automated behavioral analytics technology represents another step in our evolution of delivering a platform at the forefront of the innovation curve. With the LightCyber technology, our platform will be able to analyze user, endpoint and network behavior and apply machine learning techniques to detect and stop active attackers inside the network who do not rely on malware or vulnerability exploits.
- Stops malware, exploits and ransomware by observing attack techniques and behaviors.
- Uses machine learning and AI to automatically detect and respond to sophisticated attacks.
- Includes WildFire malware prevention service to improve accuracy and coverage.
- Harnesses Cortex XDR detection and response to speed alert triage and incident response by automatically providing a complete picture of each threat and its root cause.
- Coordinates enforcement with network and cloud security to prevent successful attacks.
- Provides a single lightweight agent for protection and response.
- Protects endpoints while online and offline, on a network and off.
- Automatically determine the root cause to accelerate triage and incident response.
- Reduce the time and experience required from triage to threat hunting.
- Respond to threats quicker and adapt defenses from knowledge gained, making the next response even faster.
Palo Alto Networks WildFire cloud-based threat analysis service is the industry’s most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The service employs a unique multi-technique approach, combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.
WildFire changes the equation for adversaries, turning every Palo Alto Networks platform deployment into a distributed sensor and enforcement point to stop zero-day malware and exploits before they can spread and become successful. Within the WildFire environment, threats are detonated, intelligence is extracted and preventions are automatically orchestrated across Palo Alto Networks Next-Generation Security Platform in as few as five minutes of first discovery anywhere in the world.
WildFire goes beyond traditional approaches used to detect unknown threats, bringing together the benefits of four independent techniques for high-fidelity and evasion-resistant discovery, including:
- Dynamic analysis – observes files as they detonate in a purpose-built, evasion-resistant virtual environment, enabling detection of zero-day exploits and malware using hundreds of behavioral characteristics.
- Static analysis – highly effective detection of malware and exploits that attempt to evade dynamic analysis, as well as instant identification of variants of existing malware.
- Machine learning – extracts thousands of unique features from each file, training a predictive machine learning model to identify new malware – which is not possible with static or dynamic analysis alone.
- Bare metal analysis – evasive threats are automatically sent to a real hardware environment for detonation, entirely removing an adversary’s ability to deploy anti-VM analysis techniques.
Together, these four unique techniques allow WildFire to discover and prevent unknown malware and exploits with high efficacy and near-zero false positives.
WildFire threat analysis service:
- Detects evasive zero-day exploits and malware with a unique combination of dynamic and static analysis, novel machine learning techniques, and an industry-first bare metal analysis environment.
- Orchestrates automated prevention for unknown threats in as few as five minutes from first discovery anywhere in the world, without requiring manual response.
- Builds collective immunity for unknown malware and exploits with shared real-time intelligence from approximately 17,000 subscribers.
- Provides highly relevant threat analysis and context with AutoFocus.
- Classifies all applications, on all ports, all the time
- Enforces security policies for any user, at any location
- Prevents known and unknown threats
- Enables SD-WAN functionality
- Extended operating range for temperature
- Certified to IEC 61850-3 and IEEE 1613 environmental and testing standards for vibration, temperature, and immunity to electromagnetic interference
- Dual DC power (12–48V)
- High availability firewall configuration (active/active and active/passive)
- Fanless design with no moving parts
- Flexible I/O with support for both copper and optical via SFP ports
- Flexible mounting options, including DIN rail, rack, and wall mount
- Simplified remote site deployment via USB-based bootstrapping