Eliminate Targeted Attacks, Insider Abuse and Malware
LightCyber™ behavioral analytics from Palo Alto Networks® empowers you to stop active attackers and malware operating inside your network. LightCyber prevents data breaches by learning the expected behavior of users and devices and then detecting behavioral anomalies indicative of attack. After LightCyber detects a network attack, it interrogates the attack source to determine which endpoint process initiated the attack and then analyzes that process in the cloud to identify malware, allowing your security analysts to swiftly confirm and shut down threats.
Streamline Analysis With Rich Investigative Data
LightCyber cuts through the noise of security alerts to find the threats that matter. It builds a comprehensive model of user and device behavior with over 1,000 learned behavior dimensions to find anomalous activity. When alerts are fired, LightCyber provides detailed investigative information related to the alerted behavior, including the source process, user credentials, domain and other information to help security teams detect and remediate threats.
Catch Attackers at Any Stage of the Attack Lifecycle
LightCyber prevents cyberattacks from compromised users and devices across the attack lifecycle. Designed by cyberwarfare experts, LightCyber detects network-based attacker behaviors that attackers cannot conceal and links them to the endpoint process, whether malicious or benign, that was used in an attack.
LightCyber prevents the following threats:
Command and Control: LightCyber detects and stops repeated access to rarely accessed sites, tunneled connections, domain generation algorithms, and access to known and unknown C2 servers.
Lateral Movement: LightCyber uncovers new admin behavior, credential misuse and credential scraping.
Data Exfiltration: LightCyber detects irregular, large and suspicious data transfers.
Malware: LightCyber interrogates endpoints to find malware, riskware and suspicious artifacts
Confirm Attacks With Endpoint Analysis
To add valuable insight to network alerts, LightCyber Pathfinder can analyze Windows® and Linux systems to determine which executables generated suspicious traffic. Once identified, the LightCyber Cloud Expert System can detonate suspicious files in a virtual sandbox and examine them using virus scanning engines to determine if they are malicious. With LightCyber Pathfinder, security teams can verify attacks and find malware on endpoints without needing to install bulky endpoint agents.
Use Machine Learning to Pinpoint Threats
Machine learning empowers organizations to prevent internal network attacks, including attacks that do not involve known exploits or malware. By performing unsupervised machine learning with the right inputs and detection algorithms, LightCyber can detect the anomalies and behavioral changes indicative of an attack. LightCyber combines powerful network-based machine learning technology with agentless endpoint inspection and cloud intelligence to automatically detect and eliminate critical risks in the network.
Shut Down Cyberattacks Instantly
Detecting attacks is great; stopping them is even better. By integrating with Palo Alto Networks next-generation firewalls, security analysts can isolate compromised devices from the network with one click. Alternatively, administrators can disable user accounts in Active Directory® or terminate malicious endpoint processes from the LightCyber console. For automated remediation, LightCyber integrates with leading IT process automation systems. Eliminating network threats quickly has never been easier.
Zero In on the Most Critical Security Issues
LightCyber from Palo Alto Networks mitigates targeted attacks, malware, insider threats and risky behavior while avoiding burdensome manual configuration or requiring hefty logging and storage demands. With LightCyber, organizations can detect and stop attackers early, before data is compromised.
Take advantage of incredibly accurate security alerts. Over 61 percent of all LightCyber alerts and 99 percent of confirmed alerts are investigated, remediated, or deemed useful based on how customers disposition alerts.
Leverage machine learning to automate attack analysis and drive down security alerts to a manageable volume – approximately one alert per 1,000 hosts per day on average.
threats originating from laptops, IoT devices and mobile devices, as well as servers in the data center and the cloud, with network and agentless endpoint analysis.
Quarantine malicious users and hosts by integrating with the Palo Alto Networks next-generation firewall, Microsoft® Active Directory or Network Access Control systems to disable user accounts or isolate devices. Alternatively, LightCyber Pathfinder can directly terminate malicious processes on compromised devices.
LightCyber Behavioral Analytics
LightCyber Behavioral Analytics
LightCyber closes the gap in breach detection by detecting attack behaviors and enabling security analysts to rapidly – or automatically – mitigate attacks. Download the datasheet to view LightCyber’s benefits and technical specifications. View now >
Experience LightCyber for Yourself
Let us show you how you can find attackers in your network that your existing security solutions are missing. Request a live demo to learn how you can gain visibility into malicious activity in your network with LightCyber from Palo Alto Networks. Request Demo>
Enterprise mobility is changing the ways that people work and the devices they use. It’s also changing the network infrastructure needed to support the devices on business networks. Wireless interfaces are the network connectivity standard for tablets and smartphones, and even some laptops such as ultrabooks and the Apple MacBook Air. As a result, wireless networking is now ubiquitous. It’s found at corporate and branch offices everywhere, including at organizations that have taken conservative positions on wireless networking in the past, such as hospitals, banks, and government offices. With all of this rapid growth, questions arise on whether the proper security is in place to protect the traffic and keep it free of malfeasance and impropriety.
Palo Alto Networks and Avaya™ have partnered to provide high-performance next-generation security solutions for data center networks. The mission critical data centers of today have no tolerance for disruptions in throughput or availability. At the same time, the threats imposed on data centers by modern malware require a security solution that has next-generation firewall intelligence.
Botnets are some of the most damaging and dangerous malware on the threat landscape, and lately, the industry has been visited by resurgent botnets that were previously thought to be dead. Join us for this edition of the Threat Review series as we take a hands-on look at the latest malware findings from WildFire, including new information on Waledac, Kelihos and even an update from our old friend Zeus. We will track the recent outbreaks and investigate the cross-pollination between these powerful botnets.
Your business groups have a seemingly insatiable need for more bandwidth. Recent high profile attacks that use port 80, or SSL to hide, and leverage commonly used applications like FTP and RDP for exfiltration are driving the need to increase your security posture. Which do you choose? Performance or security? Easy – Both.
Modern threats have changed the game in information security with an ever-growing list of high-profile and sophisticated breaches standing as proof that these threats are very real today. In this presentation we will dive into the role that the next-generation firewall plays in coordinated defense in depth approach to advanced malware, with actionable best-practices that you can use today to prevent infections as well as detect and remediate these threats in your network.
Join two pioneers in network security: Nir Zuk and Marcus Ranum, for what promises to be a very lively discussion on the future of the network perimeter. As applications and users move in and out of the enterprise network, what happens to the network perimeter as we know it? Does it go away? Evolve? How should organizations address these changes? Both Marcus and Nir are mainstays of the network security space – both having built and championed multiple successful innovations, products, and companies serving enterprise security professionals.