LightCyber® further enhances and extends our ability to prevent attacks at the internal reconnaissance and lateral movement stages of the attack lifecycle, two stages that are often very important to a successful attack.
LightCyber empowers organizations to detect and stop active attacks in their network. Founded by cybersecurity experts in 2012, LightCyber has been leading the industry in the development of automated behavioral analytics capabilities and uses sophisticated machine learning to quickly, efficiently and accurately identify attacks based on identifying behavioral anomalies inside the network. LightCyber’s products have been successfully deployed by top-tier companies in the financial, healthcare, legal, telecom, government, media and technology sectors.
LightCyber detects malicious insiders, targeted external attackers and operationalized malware by monitoring network traffic; learns the behavior of all users and devices; and detects the anomalies that deviate from expected behavior. LightCyber starts with a blank slate and employs unsupervised machine learning to create these baseline profiles. From this ongoing profiling process, LightCyber pinpoints anomalous behaviors that are indicative of an attack or risky user behavior.
Targeted attackers can find ways to compromise systems and infiltrate networks. Once attackers are in the network, they begin a step-by-step process of reconnaissance and lateral movement using networking and admin tools. To stay under the radar, they often avoid using malware or known exploits. However, they still need to understand the network design and find the location of sensitive assets and expand their realm of control to gain access to these assets by conducting reconnaissance and lateral movement.
LightCyber stops attacks early by understanding how users and devices typically behave and by recognizing changes in behavior – such as a regular user performing administrative activity or scanning rarely accessed file shares – to stop an advanced attack early and definitively.
The LightCyber approach focuses on network and endpoint traffic, and on activity within the networking traffic, to drive its primary analysis. LightCyber uniquely offers:
LightCyber extends the ability of the Palo Alto Networks® platform to mitigate unknown threats inside the network and root out attackers as they perform low-and-slow reconnaissance, expand control, and attempt to manipulate or steal data.
LightCyber enhances and extends our ability to prevent attacks across the attack lifecycle and especially at the internal reconnaissance and lateral movement stages, which are often important to a successful attack. With LightCyber added to our platform, it can further prevent command-and-control activity and data exfiltration by detecting anomalous behavior. You will gain unrivaled protection against targeted attacks, insider threats, risky behavior and malware inside your network.
Since our inception, Palo Alto Networks has pioneered new ways of tackling seemingly impossible security challenges and, along the way, has provided eye-opening visibility into user and application traffic as well as exceptional breach prevention capabilities. The LightCyber automated behavioral analytics technology represents another step in our evolution of delivering a platform at the forefront of the innovation curve. With the LightCyber technology, our platform will be able to analyze user, endpoint and network behavior and apply machine learning techniques to detect and stop active attackers inside the network who do not rely on malware or vulnerability exploits.