LightCyber extends behavioural attack detection to AWS; closes breach detection gap in cloud data centers

Behavioral Attack Detection solutions provider LightCyber unveiled Monday new Magna products for Amazon Web Services (AWS) to close the breach detection gap in cloud and hybrid cloud data centers. The new products provide attack visibility for Infrastructure-as-a-Service (IaaS) cloud and hybrid cloud data center workloads. Leveraging all of the existing behavioral profiling and anomaly detection capabilities available in the Magna platform, the new Magna Detector-AWS and Magna Probe-AWS products support deployment within an organization’s AWS Virtual Private Cloud (VPC).

LightCyber also announced a new version of its agentless, on-demand Magna Pathfinder for Linux to extend integrated network and endpoint detection features to one of the most common data center server platforms.

Approximately 155 million workloads will move to public cloud data centers by 2019, according to the Cisco Global Cloud Index, eclipsing those that will exist in private cloud data centers. Even bulge bracket banks are projected to migrate from little or no use of public cloud data centers today to having 30 percent of their data center capacity in the public cloud within three years, according to a note from Deutsche Bank.

“While network security analytics systems exist for on-premise environments, the capabilities for public cloud workloads have lagged behind,” said Jason Matlof, executive vice president, LightCyber. “Extending the Magna Behavioral Attack Detection platform into the public cloud data center enables security operators to achieve similar levels of security visibility into active attacks for both the on-premise and cloud data center environments.”

The LightCyber Magna products detect the operational activities of malicious insiders or targeted external attackers attempting to gain control of assets hosted in an AWS cloud data center or using it as a point for command and control (C&C) communication and eventual exfiltration of data.

As in an on-premise data center, once attackers gain a foothold, they need to explore the environment through reconnaissance and must expand their realm of control to gain access to assets using lateral movement. The Magna Behavioral Attack Detection platform employs machine learning techniques to detect these reconnaissance and lateral movement activities, as well as C&C and exfiltration, so that an attack can be thwarted before damage is done.

The Magna platform combines the capabilities of Network Traffic Analytics (NTA) with User and Entity Behavior Analytics (UEBA) to eliminate blindness to attacker and malicious or risky insider activity.

The Magna Probe-AWS and Magna Detector-AWS make use of native AWS VPC Flow Logs or the Gigamon Visibility Fabric for AWS, which is currently in beta, to monitor the virtual network. This complements the existing capability of the Magna platform to monitor inbound and outbound network traffic to a public cloud over a site-to-site VPN.

In addition, the new version of Magna Pathfinder extends the Magna platform with an agentless, on-demand capability to interrogate Linux workstations and servers, which complements the network-centric behavioral profiling capabilities of the Magna Detector products. Previously Magna Pathfinder engaged only with Windows servers and clients.

The Magna Behavioral Attack Detection platform uses machine learning to profile the behavior of cloud workloads and detect reconnaissance and lateral movement, before any damage is done.

LightCyber Magna’s main job is to monitor network activity and find anomalies indicative of attack. Magna detects attacks originating from any type of device, including mobile phones, IoT devices, and even networking equipment. However, Magna also uniquely provides context into attacks by interrogating suspicious endpoints for malware, riskware, or rare artifacts. The Magna Pathfinder service helps users find compromised devices and streamline investigations.

With this release of Magna, LightCyber is extending its Magna Pathfinder agentless interrogation service to Linux machines. Now, Pathfinder can interrogate Linux, as well as Windows, machines for suspicious processes. By combining network traffic analytics (NTA) with endpoint analysis, for Linux and for Windows, Magna gives users insight into threats.

LightCyber Magna Probe-AWS and Magna Detector-AWS are beginning their beta program, with general availability planned for the fourth quarter of this year. The price starts at $5,000 per year, depending on the number of nodes in the AWS environment. The new LightCyber Magna Pathfinder is now generally available and pricing starts at $9,000 per year.

WWPI – Covering the best in IT since 1980