As cyber attacks get more sophisticated, so being able to spot them requires a different approach from simply looking for signatures.
Behavioral detection company LightCyber is launching a new version of its Magna platform that increases the precision and speed of detecting an in-progress attack from either a malicious insider or external bad actor.
“Detecting and thwarting an active attack requires highly precise detection of the attacker’s operational activities,” says Jason Matlof, executive vice president of LightCyber. “The historic problem endemic to security has been the inability to parse out the most relevant attacker signals, which has resulted in overwhelming flood of mostly useless security alerts. This new release adds even more targeted attack detection capabilities related to user credential theft and abuse”.
Magna is able to spot misuse of credentials by looking at peer activity, history, time, type of activity, and more, to achieve a high level of accuracy and eliminate false-positive alerts. It’s able to spot anomalous activity even if the user is attaching to the enterprise network via a VPN.
The platform uses full network capture to enable it to see the network activities of all users and IP-connected devices. This is backed by an agentless, on-demand capability to interrogate user computers and link specific processes with specific network activity. Using on-premise machine learning, Magna continuously profiles all users and devices and can then detect anomalies that could indicate an attack. The combination of network, user and device analysis enables an accurate ‘triangulation’ of an active attacker.
LightCyber Magna 3.5 is available now and you can find out more on the company’s website.
Photo Credit: ra2studio/Shutterstock