Lastline: Acquired by VMware to Build Out Threat Protection
【200605 Pulse2】Tom Gillis, SVP & General Manager at VMware, Inc. (NYSE: VMW), announced that the company intends to buy Lastline, a pioneer in anti-malware research and AI-powered network detection and response.
After the deal closes, VMware is planning to bring a team of network-focused anti-malware researchers and developers, and go-to-market security experts in-house for its NSX team. Lastline has several of the top 10 most published security threat researchers globally and the team has been credited with bringing structure and rigor to the world of malware research.
Gillis said this is an important step for VMware’s vision of Intrinsic Security as it will enable the company to further “take advantage of the intrinsic attributes of our virtualization platform to yield innovative security capabilities.”
Lastline also has 15 PhDs and academics on staff.
“At VMware, we will amplify the academic focus of the Lastline team, and by joining forces with the Carbon Black Threat Analysis Unit (TAU), continue to foster their deep understanding not just of the threat, but of the motivation and tactics behind the threat,” Gillis added in a company blog post. “This rigorous analytical approach can be seen in Lastline’s products. Lastline’s core product is a malware sandbox. Most sandboxes treat malware as a black box and inspect how that black box interacts with the operating system (syscall inspection). Lastline goes deeper, using full-system emulation to look at every instruction the malware executes, effectively peering into the black box. This yields a deeper understanding of how the malware works, which allows the Lastline team to also detect and block the many derivatives of malware families.”
Lastline’s system detects twice as many malicious files as a signature-based system. Lastline detonates over 5 million file samples daily, and its technology protects over 20 million users across thousands of organizations, including 5 of the 10 largest financial institutions.
The Lastline system uses machine learning to recognize the essential elements of an attack, unlike narrow signature-based systems that miss the many variants an attacker may use. The Lastline approach is not just anomaly detection: Lastline uses its deep understanding of malicious behavior to flag clearly bad activities such as East-West movement, command and control activity, and data exfiltration.
VMware NSX, which touches every packet, has deep visibility into network traffic. The NSX architecture will enable Lastline to perform network analytics at massive scale, across tens of thousands of cores, without the burden of tapping network traffic. NSX also has an intrinsic understanding of application topology and speaks Layer 7, so it knows the difference between a web server and a database while understanding what an application is doing.