Next Generation Advanced Malware Detection and Defense

1,547 views

Published on

Stop evasive malware, advanced persistent threats and zero-day exploits along web, mail, file, and mobile vectors.

Published in: Technology

Slide transcript
Slide 1: Next Generation Advanced Malware Detection and Defense
Luca Simonelli, VP & GM EMEA, lsimonelli@lastline.com
Company Confidential
Slide 2: Cyberattack (R)Evolution
Chart of $$ damage versus time: Cybervandalism (hundreds to thousands of dollars), Cybercrime (hundreds of thousands to millions), Targeted Attacks and Cyberwarfare (billions).
Slide 3: Current Defenses Have Failed
January 10, 2014
Targeted attacks are mainstream news. Every week, new breaches are reported. Here are just a few examples.
Slide 4: Malware is a Problem of Scale …
Slide 5: Why Should You Care?
• If you have assets of value it is not a question of whether you are being targeted, but where the blind spots exist in your environment
• A compromise results in a backdoor into your network, providing cybercriminals with interactive access
• With Lastline's solutions you can obtain visibility and identify active advanced malware targeting not only your systems, but your key intellectual property and business assets
Slide 6: Targeted Attacks, Evasive and Advanced Threats: the Security Gap
Current solutions fail to protect organizations from sophisticated, targeted attacks.
Chart of threat sophistication versus current solutions: Simple Threats (plain virus, packing, polymorphic, C&C, fluxing) and opportunistic attacks are covered by antivirus solutions; APT solutions follow; Sophisticated, Evasive and Persistent Threats lie in the security gap beyond them.
Slide 7: Lastline, Inc.
Most advanced solution to detect, analyze, and mitigate APTs, targeted attacks, and 0-day threats
Company Overview
 Founded in 2011 by top security professors and advanced malware researchers to deliver the most proven and advanced protection against evasive malware, zero-day and advanced persistent threats.
 Founders published 100+ papers, recognized among the top 30 security researchers in the world
 Developers of Anubis / Wepawet, #1 portal for advanced malware analysis and research, used by Fortune 500 companies, government agencies and security vendors
 Experienced management team from Fortinet, ISS and Trend Micro
Company Buzz
"Top 10 coolest security startup of 2013"
"Lastline Named a finalist for five Info Security Products Guide Global Excellence Awards"
Slide 8: Lastline, Inc.
"Top 10 coolest security startup of 2013"
Anubis & Wepawet: Research Background
 Based on 10+ years of research on APTs
 Founders published 100+ papers, recognized among the top 30 security researchers in the world (http://tinyurl.com/ms-top-authors)
 Most popular free tools for advanced malware analysis, accessible through web portals
 Used by tens of thousands of users (including Fortune 500 companies, government and financial institutions, and security vendors)
 Anubis: advanced malware analysis, http://anubis.cs.ucsb.edu
 Wepawet: drive-by exploit detector, http://wepawet.cs.ucsb.edu
Slide 9: Anubis & Wepawet Users (map of users; no transcribed text)
Slide 10: Lastline Products (Highly Scalable)
Lastline Enterprise™: Detect Advanced Malware in Your Network
• Ideal for net and sec ops
• Deploy on network passively
• Multi-protocol support (email, web, etc.)
• Available on-premise or hosted by Lastline
• Software runs on hardware and VMware
• Complements NIPS and NGFW products
• On-premise 30-day trial available
Lastline Analyst™: Upload Files for Analysis
• Ideal for forensic, audit, ICR ops
• Cloud service hosted by Lastline
• Analyzes objects for advanced malware
• Inspects URLs for advanced malware
• No hardware required by customer
• Available as on-premise solution
• Free Lastline Analyst accounts
Slide 11: Lastline Solution (Highly Scalable)
Lastline Components (* hosted by Lastline)

Component           | Description                      | Enterprise On-Premise | Enterprise Hosted* | Analyst On-Premise | Analyst Hosted*
Sensor              | monitors network                 | ✓                     | ✓ (on VMware)      | n/a                | n/a
Engine              | detonates objects                | ✓ Private Cloud       | ✓                  | ✓ Private Cloud    | ✓
Manager             | correlates & offers APIs         | ✓ Private Cloud       | ✓                  | ✓ Private Cloud    | ✓
Threat Intelligence | crawls the internet to find APTs | (see below)           |                    |                    |

Threat Intelligence: Internet-scale, active discovery of APT threats. Models are generated through machine learning and large-scale clustering algorithms. Intelligence is pushed to the components.
Slide 12: Lastline Platform Capabilities
Lastline Enterprise™: Network and Object Analysis
Network Analysis (Sensor, Engine, Manager)
– Detection and blocking of:
  • Command & Control traffic
  • Infection vectors, such as drive-by-download attacks
  • Inbound malicious emails
– Automated collection of potentially malicious files for analysis
– Analysis of pDNS and netflow data to identify anomalies
– Scalable, distributed architecture
Diagram inputs: Netflow, Passive DNS, Correlation, Network Fingerprints, Anomaly-Based Command & Control Detection, Global Threat Intelligence
Object Analysis (Engine, Manager; also Lastline Analyst™)
– Objects analyzed: executable files, web URLs, non-executable files, Android APK
– Dynamic analysis in next-generation sandbox
  • Executes binaries, accesses web pages, opens documents
  • Monitors and classifies observed behaviors
– CPU emulation
  • Provides visibility into every instruction that malware executes, not just the operating system calls
  • Provides vastly increased ability to detect malicious and evasive behavior
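The slide names passive DNS and netflow as anomaly inputs for C&C detection but gives no detail. The following is an added illustration of what two such detectors look like in practice (a fast-flux check over passive-DNS records and a beaconing check over flow records); it is not Lastline's code, and the record layout, thresholds and sample data are assumptions made for the example. Both detectors are rolled into one alert list the way the Manager tier is described as correlating alerts.

```python
"""Toy passive-DNS and netflow anomaly detectors.

Added illustration of the network-analysis inputs named on slide 12 (passive
DNS, netflow, anomaly-based C&C detection). This is not Lastline's code: the
record layout, thresholds and sample data are assumptions made for the example.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed passive-DNS observations: (qname, rdata, ttl_seconds).
PDNS_RECORDS = [
    ("www.example.com", "198.51.100.10", 3600),
    ("www.example.com", "198.51.100.10", 3600),
    ("www.example.com", "198.51.100.11", 3600),
    ("mail.example.net", "198.51.100.20", 120),
    ("mail.example.net", "198.51.100.21", 120),
    # One name cycling through many short-lived addresses: fast-flux shape.
    ("cdn-update.example", "203.0.113.21", 60),
    ("cdn-update.example", "203.0.113.22", 60),
    ("cdn-update.example", "203.0.113.23", 60),
    ("cdn-update.example", "203.0.113.24", 60),
    ("cdn-update.example", "203.0.113.25", 60),
    ("cdn-update.example", "203.0.113.26", 60),
]

# Constructed flow records: (timestamp_seconds, src_ip, dst_ip, dst_port).
FLOW_RECORDS = (
    # Host contacting one server every ~300 s with little jitter: beacon shape.
    [(t, "10.0.0.5", "203.0.113.7", 443) for t in (0, 301, 599, 902, 1198, 1503, 1797, 2102)]
    # Ordinary browsing: bursty, irregular intervals.
    + [(t, "10.0.0.6", "198.51.100.2", 443) for t in (12, 35, 41, 180, 700, 702, 2000)]
    # Too few events to judge.
    + [(t, "10.0.0.5", "198.51.100.2", 80) for t in (50, 400)]
)


def flux_candidates(records, min_ips=5, max_ttl=300):
    """Names that resolve to many distinct addresses, all with short TTLs.

    Returns {qname: distinct_ip_count} for names meeting both thresholds.
    """
    ips = defaultdict(set)
    max_seen_ttl = {}
    for qname, rdata, ttl in records:
        ips[qname].add(rdata)
        max_seen_ttl[qname] = max(max_seen_ttl.get(qname, 0), ttl)
    return {
        q: len(addrs)
        for q, addrs in ips.items()
        if len(addrs) >= min_ips and max_seen_ttl[q] <= max_ttl
    }


def beacon_candidates(flows, min_events=6, max_cv=0.15):
    """(src, dst, port) tuples whose connection intervals are nearly constant.

    Regularity is the coefficient of variation (stdev / mean) of the gaps
    between successive connections; returns {key: (mean_gap, cv)}.
    """
    times = defaultdict(list)
    for ts, src, dst, port in flows:
        times[(src, dst, port)].append(ts)
    found = {}
    for key, ts in times.items():
        if len(ts) < min_events:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            found[key] = (avg, cv)
    return found


def network_alerts(pdns=PDNS_RECORDS, flows=FLOW_RECORDS):
    """Roll both detectors into one alert list, as a manager tier would correlate."""
    alerts = [
        {"type": "fast-flux", "indicator": q, "distinct_ips": n}
        for q, n in flux_candidates(pdns).items()
    ]
    for (src, dst, port), (avg, cv) in beacon_candidates(flows).items():
        alerts.append({"type": "beacon", "indicator": f"{src}->{dst}:{port}",
                       "period_s": round(avg), "jitter_cv": round(cv, 3)})
    return alerts


if __name__ == "__main__":
    for alert in network_alerts():
        print(alert)
```

On the constructed data the browsing host is not flagged (its interval jitter is far above the threshold) and the two-event pair is skipped, while the 300-second contact and the six-address, 60-second-TTL name each produce one alert. Real deployments would also need an allow-list for legitimately periodic traffic (NTP, update checks, monitoring agents) and for CDNs, which legitimately rotate many addresses with short TTLs; the thresholds here are starting points, not tuned values.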
Slide 13: Lastline Enterprise – In action
Diagram: Lastline proactively crawls the Internet for threats and updates the Sensor's knowledge base, with feedback flowing back into global threat intelligence. Attack vectors shown: drive-by attack, spearphishing, command and control.
• Sensor: scans traffic for signs and anomalies that reveal C&C connections and infections
• Engine: analyzes unknown objects (programs and docs) with high-resolution analysis
• Manager: correlates alerts and produces actionable intelligence
Slide 14: Lastline Enterprise On-Premise
Same diagram as slide 13 with all components on premise: Lastline proactively crawls the Internet for threats and updates the Sensor's knowledge base; the Sensor scans traffic for signs and anomalies that reveal C&C connections and infections; the Engine analyzes unknown objects (programs and docs) with high-resolution analysis; the Manager correlates alerts and produces actionable intelligence. Attack vectors shown: drive-by attack, spearphishing, command and control.
Slide 15: Lastline Enterprise Hosted
Same diagram as slide 13 with the Engine and Manager in Lastline's datacenter: Lastline proactively crawls the Internet for threats and updates the Sensor's knowledge base; the on-premise Sensor scans traffic for signs and anomalies that reveal C&C connections and infections; the Engine analyzes unknown objects (programs and docs) with high-resolution analysis; the Manager correlates alerts and produces actionable intelligence. Attack vectors shown: drive-by attack, spearphishing, command and control.
Slide 16: Lastline Analyst
Diagram: the user uploads objects and URLs for analysis and accesses object information via HTTPS. Lastline proactively crawls the Internet for threats and updates the knowledge base; the Engine analyzes unknown objects (programs and docs) with high-resolution analysis; the Manager produces actionable intelligence.
Slide 17: High-Resolution Security Analysis
Diagram comparing visibility without CPU emulation (traditional sandboxing technology) against visibility with CPU emulation (Lastline technology). The instruction-level layer below the operating-system call interface is where important behaviors and evasion happen, and it is visible only with CPU emulation.
Slide 18: Flexible & Cost Effective Deployment
• Annual subscription, per-user pricing
• Non-proprietary, low-cost hardware
• Cost-effective, full network coverage
• Your choice of on-premise or hosted deployment
• Future-proofing via a platform approach which provides API access for integration
• Scale engines in a private cloud on premise
• Deploy anywhere in the network
Slide 19: Actionable Intelligence
• Lastline Enterprise identifies with confidence the backdoors in your network
• Detailed analysis supports the remediation process defined within the enterprise
• Correlated APT information rolls up to network incidents and provides drill-down to individual malware events
• APT threat severity level is available to identify high-priority infections
Slide 20: Actionable Intelligence (dashboard screenshots: Traffic, Infection Trend, Analyzed Files, Malware Distribution)
Slide 21: Actionable Intelligence (dashboard screenshots: Mail, Events)
Slide 22: Poised to stand out from the crowd
"Best New Security Start-Up Company of the Year (Software)": Gold Winner
"Most Innovative Security Product (Software) of the Year": Bronze Winner
"Innovation in Next Generation Security": Bronze Winner
"Best Overall Security Company of the Year": Bronze Winner
"Most Innovative Security Service of the Year": Silver Winner
Slide 23: Lastline Better By Design
Lastline Core
• Complete Protection
– Analysis of inbound software artifacts
– Analysis of outbound traffic using network models
– Anomaly detection of suspicious behavior
– Actionable threat intelligence
• Most Advanced Malware Analysis
– High-resolution analysis engine (CPU emulation)
– Supports multiple operating systems and file formats
– Produces detectors (fingerprints) that also handle encrypted traffic
• Flexible & Scalable Deployments
– Three-tiered architecture, on premise or hosted
– Efficient sensors on premise (for enforcement and collection)
– Hosted solution offers analysis in the cloud
– Pricing that is practical for your budget
Architecture diagram: High-Resolution Analysis; Correlation; Automated Data Collection (Netflow, DNS, Network Fingerprints; Non-PE, PE, Web URLs, Android APK); Global Threat Intelligence (Reputation, …). Lastline Enterprise: Sensor, Manager, Engine. Lastline Analyst: Manager, Engine.
Slide 24: Lastline Demo
Slides 25–29: demo screenshots with no transcribed text
Slide 30: For more information visit www.lastline.com or contact us at info@lastline.com