LightCyber Magna Behavioral Attack Detection

Find Threats Fast with Network-based Attack Detection and Endpoint Analysis

LightCyber Magna™ empowers organizations to stop targeted attacks, insider abuse, and malware. Magna zeros in on cyber threats by learning the expected behavior of users and devices and detecting the anomalies that deviate from the learned baseline of behavior. When Magna detects a network attack, the Magna Pathfinder agentless endpoint uses patented network-to-process-association (N2PA) technology to interrogate the endpoint and identify the source process and user credential used to perform the attack, regardless of whether it’s malware, riskware or a benign process.

Streamline Analysis with Rich Investigative Data

LightCyber Magna cuts through the noise of security alerts to find the threats that matter. LightCyber builds a comprehensive model of user and device behavior with over 1,000 learned behavior dimensions to find anomalous activity. When alerts are fired, Magna provides detailed investigative information related to the alerted behavior, including the source process, user credential, domain and other information to help security teams detect and swiftly respond to threats.

Catch Attackers at Any Stage in the Cyber Kill Chain

Magna detects compromised users and devices across the attack lifecycle. Designed by cyber warfare experts, Magna detects network-based attacker behaviors that attackers cannot conceal, and links them to the endpoint process, whether malicious or benign, that was used in the attack.

  • Command and Control: Spot repeated access to rarely accessed sites, tunneled connections, domain generation algorithms, and access to known and unknown C&C servers
  • Reconnaissance: Identify abnormal network scans, connection failures, and darknet scans
  • Lateral Movement: Uncover new admin behavior, credential misuse, and credential scraping
  • Data Exfiltration: Detect irregular, large, and suspicious data transfers
  • Malware: Interrogate endpoints to find malware, riskware, and suspicious artifacts

Confirm Attacks with Endpoint Analysis

To add valuable insight to network alerts, Magna Pathfinder can analyze Windows and Linux workstations and servers to determine which executables generated suspicious traffic. Once identified, questionable files can be detonated in a virtual sandbox and examined with virus scanning engines by the Magna Cloud Expert System to determine if they are malicious. With Magna Pathfinder technology, security teams can verify attacks and find malware on their endpoints without needing to install bulky endpoint agents.

Use Machine Learning to Pinpoint Threats

Machine learning empowers organizations to detect attacks that are not known vulnerability exploits or malware but are nonetheless extremely dangerous to organizations. By performing unsupervised machine learning with the right inputs, behavior dimensions, and detection algorithms, LightCyber Magna can detect the anomalies and behavioral changes indicative of an attack. Magna combines powerful network-based machine learning technology with agentless endpoint inspection and cloud intelligence to automatically detect critical risks in the network.

Remediate Threats Instantly

Detecting attacks is great; stopping them is even better. By integrating with market-leading firewall vendors such as Check Point and Palo Alto Networks, Magna administrators can isolate compromised devices from the network with one click. Alternatively, administrators can disable user accounts in Active Directory or terminate malicious endpoint processes from the Magna console. For automated remediation, Magna integrates with leading IT process automation platforms. Eliminating network threats quickly has never been easier.

LightCyber Zeros in on the Most Critical Security Issues

LightCyber finds targeted attacks, malware, insider threats and risky behavior without burdensome manual configuration or hefty logging and storage demands. With LightCyber, organizations can detect and stop attackers early, before data is compromised.

Take advantage of incredibly accurate security alerts with documented metrics; over 62% of all Magna alerts and 99% of confirmed alerts are investigated, remediated, or deemed useful by Magna customers.

Operational Efficiency
Leverage machine learning to automate attack analysis and drive down security alerts to a manageable volume—approximately 1.1 alerts per 1,000 hosts per day on average.

With network and agentless endpoint analysis, detect threats originating from laptops, IoT devices, mobile devices, or even network infrastructure or security tools, as well as from servers in the data center and the cloud.

Integrated Remediation
Quarantine malicious users and hosts by integrating with Active Directory or market-leading firewalls and network access controls (NACs) to disable user accounts or isolate devices. Alternatively, Magna Pathfinder can directly terminate malicious processes on compromised devices.

Customer Success Story: Gigamon

Gigamon has deployed LightCyber Magna to rapidly detect targeted attacks, find malware, and spot insider threats and risky behavior.

“The ability to see what’s going on around our network and tie it to endpoints is invaluable,” says Marshall Wolf, Sr. Director of IT, Gigamon. “We need tools that can slap us across the face and tell us what’s going on. Now we don’t have to go looking for security events. LightCyber delivers those to us.”

Find out more:

Data Sheet

Magna Behavioral Attack Detection

LightCyber Magna closes the gap in breach detection by modeling user and device activity to detect attack behaviors. Download the datasheet to view Magna’s benefits and technical specifications.


White Paper

White Paper: Unlocking the True Potential of Machine Learning

Machine Learning is poised to revolutionize attack detection by modeling user and device activity. Learn how behavioral analysis powered by machine learning can improve accuracy.



Research: 2016 Cyber Weapons Report

Learn what tools attackers use in the first-of-its-kind 2016 Cyber Weapons Report. Find out what applications attackers use for reconnaissance, command and control, and lateral movement.