Cloud facilitates advanced malware protection, claims Lastline

News Jane McCallion Oct 31, 2013

Scalability provides better analysis, detection and infection prevention, organisation says.

Cloud computing can help protect companies against the ever-increasing and ever more sophisticated malware attacks they face.

That's according to Jens Andreassen, the CEO of Lastline, a security firm that specialises in protecting organisations from advanced persistent threats, Trojans and other types of malware.

The firm offers a hybrid service, dubbed Previct, which works to detect and eradicate potential threats, as well as alerting system administrators to any infection that may have entered their systems.

“The way it works is we have a sensor sitting on the corporate network, typically where the interconnection is,” Andreassen explained. “So our products see all the traffic going into and coming out of the network and monitor it for signs of advanced malware – command and control traffic and download activity – and we can determine with a very high level of accuracy which computers on the network are infected and what kind of infection they have.”

“The software can also inspect downloads and, if it is something we have not seen before, we can execute it in a sandbox environment to discover if it is malicious or not,” he continued.

Andreassen said that all the “heavy lifting” – i.e. determining what kind of malware had infected a computer or sandboxing a suspicious attachment – is carried out remotely in the organisation’s own data centres.

“There has been a big shift in the way things are done. You don’t just need to be able to do this sandbox analysis, you need to be able to do it at a very large scale,” said Andreassen.

“You need to take a big data-type approach to how you analyse malware today and the cloud implementation is part of that. To be able to analyse data on a very large scale is critical and the cloud is a vital benefit for that,” he added.