Kernel Rootkit Analysis with Lastline Breach Detection Platform 6.5

Today at SXSW Interactive, Lastline co-founder and chief architect Engin Kirda presented new insights into malware in the wild, including new research coming out of Lastline Labs on high-resolution dynamic analysis of Windows kernel rootkits. We also announced today a new analysis capability in the 6.5 release of the Lastline Breach Detection Platform that provides unprecedented insights into this pernicious type of malware hidden in the kernel of Microsoft Windows operating systems.

By adding the industry’s first capability for automated and deep analysis of kernel behavior and rootkit detection to the Lastline Breach Detection Platform, we will help customers better detect and respond to kernel-based threats with enhanced, in-depth analysis. This kernel-mode analysis capability adds to existing network-based detection of kernel components in the platform.

Turla Advanced Kernel Level Malware
Lastline Breach Detection Platform analysis report of kernel-based malware Turla that is suspected to be state-sponsored and used to attack governments and military targets.

Brian Laing

For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive-level roles. The author of “APT for Dummies,” he was previously vice president of AhnLab, where he directed the US operations of the internationally known security and software leader. Brian previously founded Hive Media, where he served as CEO. He co-founded RedSeal Systems, where he conceived the overall design and features of the product and was granted two patents related to network security. He was also founder and CEO of self-funded Blade Software, which released the industry’s first commercial IPS/FW testing tool.