Lastline Recognized by CRN as a 2015 Emerging Vendor

Posted by Brian Laing on 8/6/15 12:28 PM

Lastline has been recognized by CRN, the top news source for solution providers and the IT channel, as one of 2015’s hottest emerging technology vendors. CRN’s Emerging Vendors list annually identifies the rising security technology vendors with innovative products in North America who create new opportunities for channel partners to generate high margins and provide the most advanced solutions for their customers.


Topics: Lastline Defense Program, CRN, Emerging Technology Vendors

DARPA Names Shellphish Hacking Team as Finalist in the Cyber Grand Challenge

Posted by Ashley Kiolbasa on 8/3/15 10:00 AM

Team Shellphish, a group of computer science students from UC Santa Barbara and other institutions led by Lastline founders and UCSB university professors, Dr. Giovanni Vigna and Dr. Christopher Kruegel, has advanced to the finals of DARPA’s Cyber Grand Challenge (CGC).


Too Many Boxes Becomes a Fire Hazard

Posted by John Bradshaw, Vice President, Worldwide Sales Engineering, Lastline on 7/16/15 9:00 AM

I have a confession to make. The first five years of my adult work life were spent in fast food management – and I enjoyed it. I learned many life lessons in that time that are still carried with me today. What, you may wonder, does any of that have to do with the world of cyber security? Read on.

One of the most important areas I received training on during my fast food management indoctrination was customer and employee safety. Aside from sanitation and health concerns, the ability to quickly and safely evacuate during a fire emergency (flash oil fires are not fun!) was one area where I had to maintain a constant vigil. This led to one of the golden rules – Boxes piled up are a fire hazard.


Topics: InstrumentEverywhere™, appliance model, deployment

Are You Prepared for the Nation State Attack?

Posted by Clemens Kolbitsch on 7/9/15 9:00 AM

New information about the Advanced Persistent Threat (APT) is hitting media headlines every day. In just the last few months alone, we have read horror stories of sophisticated malware like Duqu2 (which uses a kernel mode exploit to load its kernel mode component), targeted attacks against NATO members and the White House termed Operation Pawn Storm (which attracted massive media attention in April), and Equation Group, the well-known, possibly government-sponsored advanced threat group, that gained mass attention in February.


Topics: Full-system Emulation, Sandboxing, FUSE, kernel-exploitation

It’s Time to InstrumentEverywhere™

Posted by John Bradshaw, Vice President, Worldwide Sales Engineering, Lastline on 7/8/15 9:00 AM

How many of you can accurately predict the attack vector used in the next major breach?

There are a lot to choose from, right? An attempt to breach your organization may involve a well-crafted spear-phishing campaign with a malicious attachment or a link to a site hosting malicious content. It might be a drive-by on a prominent website your users frequent. It could be that flash drive shared with a friend and then inserted into your work computer. It could be a malicious object copied across one of the many network file shares in your organization. It could also be an intruder taking advantage of a vulnerability and using it to create a pathway into your organization.

The bottom line is, we can’t predict where or how the next breach will occur, and unless your cyber-security Kung Fu skills are like Bruce Lee’s at handling attacks from any source involving any number of unknown opponents, you’re going to need some help dealing with the problem.


Topics: InstrumentEverywhere™, coverage, multi-vector, licensing

The Only Acceptable Sacrifice

Posted by Jeff Pollard on 6/5/15 11:00 AM

A few days ago I was having a conversation with a customer I’ve known for a number of years when the subject of recent big name vulnerabilities came up. Shellshock, Heartbleed, Venom and, most recently, the Diffie-Hellman 512-Bit Export Key issue. We were discussing the challenge these items present to both vendors and customers because of the numerous hardware and software elements that contained versions of the vulnerable software. As our conversation progressed, a theme began to emerge — the problem for customers primarily rests in the fact that these portions of the security stack are often acting as compensating controls for some other issue that can’t be fixed yet – or fixed at all. Too often these were compensating for a lack of budget, time or capability inherited from the original technology causing the problem.


Bridging Network and Endpoint Security with New Rapid Host Breach Verification

Posted by Brian Laing on 5/18/15 11:00 AM

Today we announced the expansion of the Lastline Breach Detection Platform to bridge network and endpoint security with new host breach verification features. Combined with existing network breach verification, the new endpoint breach verification tools and integrations will give SOC operators, incident responders, security management and MSSPs a unified, comprehensive and timely view into indicators of compromise (IOCs) across networks and endpoints. This makes detection and response to breaches faster and more focused.


Topics: host breach verification, Structured Threat Information eXpression, STIX, OpenIOC

All the Kids Get to Play in Our Sandbox

Posted by John Bradshaw, Vice President, Worldwide Sales Engineering, Lastline on 4/29/15 11:00 AM

As I took on a global manager role these past few years, I have had to evaluate different solutions that would help my team do their job better. Quite the reversal from being the vendor wanting to show prospects the solution I sell and proving to them it will meet their requirements. I have learned several lessons from this experience, one of which is that robust integrations with a rich API are a cornerstone requirement – this allows me to choose Best of Breed in each solution area I invest in.


Topics: Integration, Sandboxing, APIs

Lastline Info Security 2015 Medal Count: 1 Gold, 3 Bronze

Posted by Matthew Baker on 4/21/15 11:30 AM

At last night’s 11th Annual Info Security 2015 Global Excellence Industry Awards banquet, we brought home one gold and three bronze medals. What a great way to kick off this year’s RSA show!

Most notably, our team was named the “Gold Winner” for the Most Innovative Security Product (Software) of the Year category. With a founding team that holds over a decade of experience researching threats in the cyber security space, it’s an honor to be recognized for what the company has been able to accomplish thus far.


Topics: Lastline News, Awards, Industry Recognition

Extinction Level Event: Evolution of the Sandbox

Posted by John Bradshaw, Vice President, Worldwide Sales Engineering, Lastline on 4/17/15 11:08 AM

An Extinction Level Event occurs when something rapid and cataclysmic happens upsetting the natural order of things to such a degree that species are not able to adapt quickly enough and die off in rapid fashion. In the natural world, these events are rare with only five major extinction events recorded in Earth’s history – and some scientists claim we are now in a sixth major extinction event. However, the cyber world is evolving at a much faster pace. Moore’s Law describes the exponential rate of computing power and how it increases every two years. Right along with these increases in sheer computing power have come advances in both information security capabilities and methodologies used by advanced threat groups to thwart those gains. In technology we expect rapid extinction cycles — and we are on the verge of witnessing another cyber security extinction level event now.


Topics: Malware Sandboxing Analysis, Full-system Emulation
