Magna Platform Uniquely Integrates Network, User and Endpoint Visibility to Accurately Detect Active Network Attacks using Novel Machine Learning Techniques
LOS ALTOS, Calif., and RAMAT GAN, Israel – 9 January 2017 – LightCyber, a leading provider of Behavioural Attack Detection solutions, today announced that it was listed as a Representative Vendor in two separate, recently published Market Guide reports from Gartner, Inc., which advocate the use of broad-based machine learning techniques to detect the anomalous behaviours of active network attackers. The first, published 8 December 2016, Market Guide for User and Entity Behavioural Analytics (G00292503), includes solutions that profile users and entities to detect anomalies. The second, published 30 November 2016, Market Guide for Endpoint Detection and Response Solutions (G00298289), includes solutions using endpoint visibility for early identification of attacks.
“The unique combination of network data analytics augmented by user and endpoint visibility gives the Magna platform a substantial advantage in detecting active network attacks with a high degree of accuracy while producing only a small number of alerts,” said Jason Matlof, executive vice president, LightCyber. “The vendor community is creating a variety of new attack detection solutions that are similar to their incumbent predecessors and that are each biased by a particular technical approach – primarily network-centric, endpoint-centric, or user-centric. We believe the reason that LightCyber Magna has been acknowledged in multiple Gartner reports is due to the increasing recognition of the unique value of solutions that combine multiple data context together into a single analytical solution. We are pleased to receive these acknowledgements.”
Analysts Peter Firstbrook and Neil MacDonald recommend in the Market Guide for Endpoint Detection and Response Solutions that “The most critical EDR capability is the ability to detect sophisticated hidden threats, ideally without requiring the use of externally fed IOCs. The ideal EDR system should be capable of self-detection using its own built-in detection techniques, analytics and behavioural indicators. The range of detection techniques will be also be affected by the type of data gathered. Three realms of data are most valuable: user, endpoint and network events. This data also needs to be put into context with global threat intelligence (that is, attribution and trends). Generally speaking, more information and more context is better than less, assuming it can scale across infrastructure and information management.”
In the Market Guide for User and Entity Behavioural Analytics, analysts Toby Bussa, Avivah Litan and Tricia Phillips recommend “Vendors use packaged analytics to evaluate the activity of users and other entities (hosts, applications, network traffic and data repositories) to discover potential incidents commonly presented as activity that is anomalous to the standard profiles and behaviours of users and entities.”
With the industry average dwell time of approximately five months to discover an active attacker on a network, it is clear that organisations have had little success in stopping a data breach or thwarting theft or damage to critical IT assets. The typical “known bad” security approach of identifying malware through static definitions such as signatures, domains and pre-defined behaviours is no match for sufficiently motivated cybercriminals that will create mechanisms to circumvent those systems, not to mention the fact that those systems are incapable of stopping rogue insiders that already have legitimate credentials on the network. By contrast, Magna uses a “learned good” approach that employs machine learning techniques to profile all user and entity activities, and then detects anomalous activities that are indicative of an active attack.
Resources
Cyber Weapons Report, indicating how attackers orchestrate network attacks and showing how malware is not typically involved in the active—and longest—stage of the attack
Blog about triangulating users, devices and network traffic to pinpoint attackers
Video interview with a media company about how security visibility is now critical in protecting assets
Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organisation and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About LightCyber
LightCyber is a leading provider of Behavioural Attack Detection solutions that provide accurate and efficient security visibility into attacks that have slipped through the cracks of traditional security controls. The LightCyber Magna™ platform is the first security product to integrate user, network and endpoint context to provide security visibility into a range of attack activity. Founded in 2012 and led by world-class cyber security experts, the company’s products have been successfully deployed by top-tier customers around the world in industries including the financial, legal, telecom, government, media and technology sectors. For more information, please visit http://www.lightcyber.com or follow us on Twitter, LinkedIn and Facebook.
###
LightCyber and Magna are trademarks of LightCyber in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.
UK Media Contact:
Sally Bratton
Bratton PR
+44(0)7930 301601
sally.bratton@brattonpr.com