Eliminate Targeted Attacks, Insider Abuse and Malware

LightCyber™ behavioral analytics from Palo Alto Networks® empowers you to stop active attackers and malware operating inside your network. LightCyber prevents data breaches by learning the expected behavior of users and devices and then detecting behavioral anomalies indicative of attack. After LightCyber detects a network attack, it interrogates the attack source to determine which endpoint process initiated the attack and then analyzes that process in the cloud to identify malware, allowing your security analysts to swiftly confirm and shut down threats.


Streamline Analysis With Rich Investigative Data

LightCyber cuts through the noise of security alerts to find the threats that matter. It builds a comprehensive model of user and device behavior with over 1,000 learned behavior dimensions to find anomalous activity. When alerts are fired, LightCyber provides detailed investigative information related to the alerted behavior, including the source process, user credentials, domain and other information to help security teams detect and remediate threats.


Catch Attackers at Any Stage of the Attack Lifecycle

LightCyber prevents cyberattacks from compromised users and devices across the attack lifecycle. Designed by cyberwarfare experts, LightCyber detects network-based attacker behaviors that attackers cannot conceal and links them to the endpoint process, whether malicious or benign, that was used in an attack.

LightCyber prevents the following threats:

  • Command and Control: LightCyber detects and stops repeated access to rarely accessed sites, tunneled connections, domain generation algorithms, and access to known and unknown C2 servers.
  • Reconnaissance: LightCyber identifies abnormal network scans, connection failures and darknet scans.
  • Lateral Movement: LightCyber uncovers new admin behavior, credential misuse and credential scraping.
  • Data Exfiltration: LightCyber detects irregular, large and suspicious data transfers.
  • Malware: LightCyber interrogates endpoints to find malware, riskware and suspicious artifacts.

Confirm Attacks With Endpoint Analysis

To add valuable insight to network alerts, LightCyber Pathfinder can analyze Windows® and Linux systems to determine which executables generated suspicious traffic. Once identified, the LightCyber Cloud Expert System can detonate suspicious files in a virtual sandbox and examine them using virus scanning engines to determine if they are malicious. With LightCyber Pathfinder, security teams can verify attacks and find malware on endpoints without needing to install bulky endpoint agents.


Use Machine Learning to Pinpoint Threats

Machine learning empowers organizations to prevent internal network attacks, including attacks that do not involve known exploits or malware. By performing unsupervised machine learning with the right inputs and detection algorithms, LightCyber can detect the anomalies and behavioral changes indicative of an attack. LightCyber combines powerful network-based machine learning technology with agentless endpoint inspection and cloud intelligence to automatically detect and eliminate critical risks in the network.


Shut Down Cyberattacks Instantly

Detecting attacks is great; stopping them is even better. By integrating with Palo Alto Networks next-generation firewalls, security analysts can isolate compromised devices from the network with one click. Alternatively, administrators can disable user accounts in Active Directory® or terminate malicious endpoint processes from the LightCyber console. For automated remediation, LightCyber integrates with leading IT process automation systems. Eliminating network threats quickly has never been easier.


Zero In on the Most Critical Security Issues

LightCyber from Palo Alto Networks mitigates targeted attacks, malware, insider threats and risky behavior while avoiding burdensome manual configuration or requiring hefty logging and storage demands. With LightCyber, organizations can detect and stop attackers early, before data is compromised.

  • Accuracy
    Take advantage of incredibly accurate security alerts. Over 61 percent of all LightCyber alerts and 99 percent of confirmed alerts are investigated, remediated, or deemed useful based on how customers disposition alerts.
  • Operational Efficiency
    Leverage machine learning to automate attack analysis and drive down security alerts to a manageable volume – approximately one alert per 1,000 hosts per day on average.
  • Coverage
    Prevent threats originating from laptops, IoT devices and mobile devices, as well as servers in the data center and the cloud, with network and agentless endpoint analysis.
  • Integrated Remediation
    Quarantine malicious users and hosts by integrating with the Palo Alto Networks next-generation firewall, Microsoft® Active Directory or Network Access Control systems to disable user accounts or isolate devices. Alternatively, LightCyber Pathfinder can directly terminate malicious processes on compromised devices.

LightCyber Behavioral Analytics

LightCyber closes the gap in breach detection by detecting attack behaviors and enabling security analysts to rapidly – or automatically – mitigate attacks. Download the datasheet to view LightCyber’s benefits and technical specifications.

Experience LightCyber for Yourself
Let us show you how you can find attackers in your network that your existing security solutions are missing. Request a live demo to learn how you can gain visibility into malicious activity in your network with LightCyber from Palo Alto Networks.

