LightCyber Magna Behavioral Attack Detection
Find Threats Fast with Network-based Attack Detection
LightCyber Magna™ empowers organizations to stop targeted attacks, insider abuse, and malware. Magna zeros in on cyber threats by learning the expected behavior of users and devices and detecting the anomalies that deviate from the learned baseline of behavior. When Magna detects a network attack, the Magna Pathfinder agentless endpoint uses patented network-to-process-association (N2PA) technology to interrogate the endpoint and identify the source process and user credential used to perform the attack, regardless of whether it’s malware, riskware or a benign process.
Streamline Analysis with Rich Investigative Data
LightCyber Magna cuts through the noise of security alerts to find the threats that matter. LightCyber builds a comprehensive model of user and device behavior with over 1,000 learned behavior dimensions to find anomalous activity. When alerts are fired, Magna provides detailed investigative information related to the alerted behavior, including the source process, user credential, domain and other information to help security teams detect and swiftly respond to threats.
Catch Attackers at Any Stage in the Cyber Kill Chain
Magna detects compromised users and devices across the attack lifecycle. Designed by cyber warfare experts, Magna detects network-based attacker behaviors that attackers cannot conceal, and links them to the endpoint process, whether malicious or benign, that was used in the attack.
- Command and Control: Spot repeated access to rarely accessed sites, tunneled connections, domain generation algorithms, and access to known and unknown C&C servers
- Reconnaissance: Identify abnormal network scans, connection failures, and darknet scans
- Lateral Movement: Uncover new admin behavior, credential misuse, and credential scraping
- Data Exfiltration: Detect irregular, large, and suspicious data transfers
- Malware: Interrogate endpoints to find malware, riskware, and suspicious artifacts
Confirm Attacks with Endpoint Analysis
To add valuable insight to network alerts, Magna Pathfinder can analyze Windows and Linux workstations and servers to determine which executables generated suspicious traffic. Once identified, questionable files can be detonated in a virtual sandbox and examined with virus scanning engines by the Magna Cloud Expert System to determine if they are malicious. With Magna Pathfinder technology, security teams can verify attacks and find malware on their endpoints without needing to install bulky endpoint agents.
Use Machine Learning to Pinpoint Threats
Machine learning empowers organizations to detect attacks that are not known vulnerability exploits or malware but are nonetheless extremely dangerous to organizations. By performing unsupervised machine learning with the right inputs, behavior dimensions, and detection algorithms, LightCyber Magna can detect the anomalies and behavioral changes indicative of an attack. Magna combines powerful network-based machine learning technology with agentless endpoint inspection and cloud intelligence to automatically detect critical risks in the network.
Remediate Threats Instantly
Detecting attacks is great; stopping them is even better. By integrating with market-leading firewall vendors such as Check Point and Palo Alto Networks, Magna administrators can isolate compromised devices from the network with one click. Alternatively, administrators can disable user accounts in Active Directory or terminate malicious endpoint processes from the Magna console. For automated remediation, Magna integrates with leading IT process automation platforms. Eliminating network threats quickly has never been easier.
LightCyber Zeros in on the Most Critical Security Issues
LightCyber finds targeted attacks, malware, insider threats and risky behavior without burdensome manual configuration or hefty logging and storage demands. With LightCyber, organizations can detect and stop attackers early, before data is compromised.
Take advantage of incredibly accurate security alerts with documented metrics; over 62% of all Magna alerts and 99% of confirmed alerts are investigated, remediated, or deemed useful by Magna customers.
Detect threats originating from laptops, IoT devices, mobile devices, or even network infrastructure or security tools, as well as servers in the data center and the cloud, with network and agentless endpoint analysis.
Quarantine malicious users and hosts by integrating with Active Directory or market-leading firewalls and network access controls (NACs) to disable user accounts or isolate devices. Alternatively, Magna Pathfinder can directly terminate malicious processes on compromised devices.
Customer Success Story: Gigamon
Gigamon has deployed LightCyber Magna to rapidly detect targeted attacks, find malware, and spot insider threats and risky behavior.
“The ability to see what’s going on around our network and tie it to endpoints is invaluable,” says Marshall Wolf, Sr. Director of IT, Gigamon. “We need tools that can slap us across the face and tell us what’s going on. Now we don’t have to go looking for security events. LightCyber delivers those to us.”