Lastline Analyst

Lastline Analyst provides threat analysts and incident response teams with the advanced malware control and isolation environment they need to run advanced instances of malware and understand their behavior.

Your security team takes advantage of the Lastline team's years of research into self-concealed malware. Lastline Analyst offers the knowledge of our internationally recognized experts to your security team so that advanced malware can be easily found.

Unique Malware Detection

When your team sends an unknown file to Lastline, our Deep Content Inspection environment treats it as malware. Deep Content Inspection is designed to provide complete visibility into the behavior of malware while keeping it private.

Advanced malware can determine whether a real user is on the device or whether it is running in an environment such as a sandbox or virtual machine (VM). When it detects these environments, it changes its behavior to avoid being detected. Deep Content Inspection can remain hidden even when identifying malware that uses cloaking techniques, and then provide the appropriate input to analyze all malicious behavior.

Deep Content Inspection Advantages

Sandboxes and virtual machines (VMs) have visibility only up to the operating system level and cannot provide complete malware control. They can review content and identify potentially malicious code, but have lower detection rates and higher false-positive rates because they cannot interact with malware or detect avoidance techniques.

Deep Content Inspection detection algorithms are located outside the operating system level, where other brands cannot operate. This malware control architecture allows us to see much more than other tools can see because we are not only at the operating system level, but also within the hardware level. Malicious software cannot execute a behavior that Lastline Analyst cannot see.

Processing results

Lastline Analyst provides an analysis report of the malware. This report contains all the attributes and outputs discovered during the analysis, such as additional executable files, IoCs, targeted services, and captured network traffic.

Flexible Cloud or on-site installation options

You can deploy Lastline Analyst in-house or in the cloud. If your organization is subject to strict confidentiality rules, you can host Lastline Analyst in-house, in your own data center. Alternatively, you can deploy Lastline in the cloud by using a hosted deployment model.
