Palo Alto Networks has bought LightCyber for its behavioral analytics platform that can speed the time to detect intrusions that have already breached networks and are looking around for ways to carry out exploits.
The $105 million cash deal brings LightCyber’s ability to analyze behavior of devices to discover reconnaissance by malware inside networks and lateral movements as it seeks to compromise vulnerable systems.
Based on machine learning, LightCyber absorbs the behaviors of individuals and devices, sets a normal level for them and finds anomalies that could indicate attacks underway.
By analyzing behavior, LightCyber can detect malware-free attacks that use legitimate processes to carry out attacks and so remain undetected by platforms that seek to identify malware signatures. The platform gathers network and endpoint data on-site and analyzes it in the cloud.
Once LightCyber identifies suspicious activity it can shut it down automatically or send alerts to security analysts.
Palo Alto says when LightCyber becomes part of its next-generation firewall products it will add very specific protections. “With LightCyber added to our platform, it can further prevent command-and-control activity and data exfiltration by detecting anomalous behavior,” the company says.
Sign up for CIO Asia eNewsletters.