Virtualization Technology News and Information
Q&A: Interview with Lastline Talking Cyber Security and Virtualization

A relatively new player in the cyber security market recently announced a new active malware defense technology for enterprise networks and VMware ESX server virtualization environments.  To find out more about the company and its latest product release, I spoke with Freddy Mangum, CMO at Lastline.

VMblog:  For those readers who may not know about your company, can you give us some background on Lastline and explain what your solutions accomplish?

Freddy Mangum:  Lastline commercial products were launched in 2011 to address the ongoing threat of advanced malware, advanced persistent threats (APTs), active backdoors and targeted attacks within virtual environments that are designed to bypass traditional security products. However, the founders Christopher Kruegel, Giovanni Vigna and Engin Kirda are well-known for establishing Anubis and Wepawet - which provide free, advanced malware analysis services utilized for many year by security vendors and large organizations.

Furthermore, the founders have been conducting advanced malware research for over a decade and have published over 120 academic papers. 

VMblog:  Given that all of the founders have extensive academic/research backgrounds in the cyber security space, how has this impacted the company thus far?

Mangum:  We are extremely grateful to have experts who have spent over a decade researching a wide-variety of advanced cyber security threats leading the team. Their extensive knowledge of the space enables us to develop solutions that are best suited for today's threats and the threats that lie ahead. Hackers are quick on their feet, and by leveraging the experience of our executive team we are able to plan accordingly for the next breed of attacks and provide solutions that effectively combat evasive and advanced malware. 

VMblog:  The company just unveiled Lastline Enterprise v4.7 and announced its availability. What specific features does v4.7 provide and what new capabilities does it add?

Mangum:  First and foremost, Lastline Enterprise v4.7 now enables support for deployments of sensors on virtualized environments that are running on VMware ESX servers. With this release, we are addressing advanced malware and APTs within highly distributed and virtualized network environments that are often considered difficult to protect. To increase capabilities and enhance overall performance, we've also added Android AKP analysis for mobile APT defense and advanced reporting that provides data for security operations or underline analysis.

VMblog:  Can you explain the pricing model, and why is it important to leverage user-based pricing?

Mangum:  Pricing for our products is based on an annual subscription per user per year model that varies between the on-premise and hosted offering. Starting at $60 to $90, respectively per user per year for multi-protocol support (email and Web), our solution is price-friendly for medium-large companies and enterprises. Offering a user-based pricing model is essential for organizations that are looking to scale-out to meet various business needs, and we are providing a solution that is easily accessible because of its cost-effectiveness.

VMblog:  For prospective companies looking to implement new security solutions, what makes your technology unique in the market?

Mangum:  Unlike competitors, we offer products that can be deployed as on-premise or hosted solutions, providing users with the flexibility to scale as needed. The Lastline Enterprise management and analysis engines can be deployed either on-premise in a private cloud or as a hosted solution by Lastline, while the sensor runs on bare metal or VMware ESX instances throughout a company's networks. To make the implementation as simple as possible, Lastline Enterprise can be deployed within minutes and is easy to administer from set up on - also taking into account that it is universal to Web, email, file, network traffic and analysis on Android applications. Since users can leverage commodity hardware, they are able to avoid the significant upfront costs associated with purchasing proprietary hardware. 

VMblog:  What suggestions do you have for organizations that are developing or revamping their security strategies?

Mangum:  We are witnessing a new wave of threats that are becoming increasingly malicious and evasive -the Target and Neiman Marcus attacks are perfect examples of this. In many cases, hackers are motivated by monetary gain, and traditional approaches to security have been unable to successfully address these types of attacks. Since many companies don't have the budgets to purchase a variety of security solutions out on the market, they should be on the lookout for comprehensive solutions that don't require unnecessary and expensive proprietary hardware, and that can be utilized for Web, email, file, network traffic, and more all in one. 

VMblog:  With advanced malware flooding today's networks, what can companies do to protect themselves from these potential threats?

Mangum:  Advanced threats are growing in numbers and complexity now that hackers are taking advantage of the financial opportunities they present. In order for a company to truly protect itself against these malicious attacks, they need to adopt comprehensive solutions that monitor and protect both physical and virtual environments - keying in on both known and unknown threats. Since APTs and advanced malware evolve at such a rapid rate, it is crucial for organizations to future-proof their security investments by evaluating solutions that effectively detect and manage new threats in real-time. But it's not just about the technology. Companies also need to take a proactive approach to security, rather than being reactive and responding after a major attack has already occurred.


Once again, a special thank you to Freddy Mangum, CMO at Lastline, for taking time out to speak with

Published Wednesday, February 19, 2014 7:11 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2014>