Use Cases

Detect Lateral Movement

A data breach starts with a single compromised system and the malicious activity spreads across your network, eventually harvesting your confidential or regulated data.

Advanced attacks succeed because your security controls lack the ability to detect the malicious activity as it moves laterally across your network, the anomalous behavior of your compromised systems, the large transfers of data across your network, or the external communication with the attacker.

To help bolster lateral movement security and detect an attack, organizations have turned to AI-based network security tools to assist in uncovering malicious activity. Applying AI techniques to network traffic will find anomalous patterns of behavior within the network traffic, because that’s what AI is designed to do. However, this approach leads to many false positives–after all, not all network anomalies are the result of attacks or indicators of compromise.

Lastline Defender™ is unique. It combines three complementary techniques to deliver superior AI-powered network security to stop lateral movement:

• First, we leverage the Lastline^® Global Threat Intelligence Network to scan your traffic metadata and payloads for variants of known threats
• Second, we apply unsupervised AI to your network traffic to detect protocol and traffic anomalies, and other indicators of compromise
• Third, we use supervised AI to automatically create classifiers that recognize malicious network behaviors and previously unknown malware

Most AI-based network security products implement only the first two detection techniques. Lastline Defender is different. It leverages AI that is automatically trained both on network traffic and malicious behaviors. This unique combination enables deterministic detections and eliminates false positives.