US security company Palo Alto Networks has wrapped up its $105m all cash acquisition of cyber security specialist LightCyber, which has developed automated analytics technology using machine learning to identify attacks based on behavioural anomalies inside the network.
"The LightCyber team's vision to bring automation and machine learning to bear in addressing the difficult task of identifying otherwise undetected and often very sophisticated attacks inside the network is well-aligned with our platform approach," stated Mark McLaughlin, Chairman and CEO of Palo Alto Networks.
According to a report by the Ponemon Institute, when attackers successfully find their way into a network there is an industry average dwell time of approximately five months to discover their activity. During that time, an advanced attacker can initiate command and control, lateral movement, and data exfiltration. This kind of dwell time and advancement in the attack lifecycle can lead to extensive damage and loss of confidential data.
Common approaches to this problem include third-party, log-based collection and analysis tools that are often error-prone, limited in visibility, lack important context, are labor-intensive, require a data scientist to investigate false positives and tune for accurate outcomes, and lack enforcement capabilities.
To address these challenges, reduce attacker dwell time, minimise damage done and prevent breaches, the LightCyber technology employs accurate and automated machine learning techniques to analyse user and entity activity and then identifies and protects against anomalous activities that are indicative of an active attack.
This behavioural attack detection capability complements the existing protections delivered by the Palo Alto Networks platform to help security team members focus on only the most meaningful alerts and improve the time to breach response and prevention.