Connect with us

Top Stories

LIGHTCYBER FINDS ACTIVE ATTACKERS BY TRIANGULATING USERS, DEVICES AND NETWORK TRAFFIC

LIGHTCYBER FINDS ACTIVE ATTACKERS BY TRIANGULATING USERS, DEVICES AND NETWORK TRAFFIC

LightCyber, a leading provider of Behavioural Attack Detection solutions, has announced the latest release of its Magna™ platform that increases the precision and speed of detecting an in-progress attack from a malicious insider or external targeted bad actor. The Magna 3.5 release adds enhanced visibility of user credential use and more granular Virtual Private Network (VPN) intelligence so attackers can be detected even more efficiently and accurately.

“Detecting and thwarting an active attack requires highly precise detection of the attacker’s operational activities,” said Jason Matlof, executive vice president, LightCyber. “The historic problem endemic to security has been the inability to parse out the most relevant attacker signals, which has resulted in an overwhelming flood of mostly useless security alerts. This new release adds even more targeted attack detection capabilities related to user credential theft and abuse.”

Jason Matlof, Executive Vice President at LightCyber

Jason Matlof, Executive Vice President at LightCyber

Enhanced User and Entity Behaviour Analytics (UEBA)

The enhanced user behaviour detection enables more granular identification techniques for two types of credential-oriented attack behaviours: a new user conducting unusual activities, or an existing user acting in an unexpected way.External attackers steal access to user credentials through malware and social engineering techniques, while employees frequently misuse legitimate credentials for malicious intent in insider attacks or risky behaviours. Magna evaluates these behaviours through authentication credential analysis of multiple dimensions, including peer activity, history, time, type of activity, and more, to achieve a high level of accuracy and eliminate false-positive alerts.These new detection capabilities are based exclusively on user credential use and complements other existing host- and user-based anomaly detection capabilities. These new detection features are especially useful to enhance Magna’s lateral movement detection capabilities as attackers gradually expand their realm of control using credentials to eventually access target assets.

Granular User Visibility Through VPNs

While Magna has had VPN visibility, a new feature enables associating a specific user IP address with a remote assess user connecting to the network through a VPN concentrator. Through VPN logs, Magna will de-multiplex the observed network traffic into individual users. Magna then profiles and monitors each remote user’s activity over time in the same way it analyses any other machine and user behaviour inside the network with all the richness of its Behavioural Attack Detection.This approach is inherently more robust than just using information in the VPN logs themselves as implemented by some competitive UEBA solutions. Not only can Magna identify anomalous VPN user activity, but it can also add much more robust behavioural attack detection analysis associated to the VPN user’s behaviour in the enterprise network.

Detecting Active Attackers Quickly and Accurately

The LightCyber Magna platform gains its visibility from full network capture that can see the network activities of all users and IP-connected devices. This vantage is augmented by an agentless, on-demand capability to interrogate user computers and link specific processes with specific network activity. Using on-premise machine learning, Magna continuously profiles all users and devices and then can detect anomalies that are indicative of an attack. The combination of network, user and device enables an accurate “triangulation” of an active attacker, and these new detection elements further enhances that detection accuracy.

Price and Availability

Magna version 3.5 is available now. Pricing starts at $21,000(US dollars) for a Magna Detector appliance.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Recommended

Newsletters with Secrets & Analysis. Subscribe Now