Providing The Full Spectrum of Cyber Security Defenses: Identify, Protect, Detect, Respond and Recover.

Advanced Persistent Threat

Deception Technology

Introducing AD|Protect: Active Directory Protection

AD|Protect defends the Active Directory while providing autonomous breach containment, incident response, and threat hunting capabilities. The platform will also show the defender and AD Admin the domain from the attacker’s perspective, allowing for immediate risk mitigation to reduce the attack surface. We combine technologies such as Native Language Processing, obfuscation, and advanced forensics methodologies at the point of a breach.

Breach Containment, IR, And Hunting

Designed for Domain Environment:

Using unique IR methodologies specifically designed for a corporate domain environment, AD|Protect effortlessly collects and analyzes forensic evidence from disk and memory, determining if the attack is a local incident or part of a bigger effort. The moment an attack is detected, an alert is triggered from the endpoint, and an on-demand scan of the memory gathers specific forensic information related to the attack.

By automating the forensic process and scanning for the right information only when an attack is detected, AD|Protect monitors the process and hunts it back to patient zero to identify where the attack originated. Then, autonomous features contain the breach in real-time. A variety of mitigation methods are available depending on corporate policy and objective.

Data Sanitization

Content Threat Removal (CTR)

CTR stops content threats without having to determine whether data is safe or unsafe. It extracts business information from incoming data and builds new safe data to deliver it. We transform Office, PDF, images and XML/JSON structured data. We also defeat steganography in images.

Deployed in application layer proxies, gateway sidecars or cloud services, CTR defeats sophisticated and zero-day attacks. It is built to withstand attacks directed at it, as all transformed data is verified by our High Speed Verifier, an FPGA-based security device providing assured separation between networks.

End Point Security

What we offer is the only unified Threat Hunting & Endpoint Detection and Response (EDR) platform that prevents compromise from advanced attacks, stops ongoing attacks, and automates the hunt for the next generation of attacks with a single, centrally managed, dissolvable agent.



Our offering is revolutionizing the way companies improve breach protection with technology that detects malware- and browser-based attacks and malicious network activity before suffering a costly data breach. And we enable you to do this with fewer resources and at lower cost than existing malware detection tools.

Our unmatched level of visibility, accuracy and effectiveness, and our focus on IT managers’ ever-increasing pressure to secure company networks and assets, have resulted in the company providing specific, actionable, context-rich threat intelligence and decreased data loss to many of the largest and most successful companies around the world.

Our solution has the most effective malware detection you can buy at any price. The foundation of the solution's Breach Protection Platform is our network-based malware detection technology, Deep Content Inspection™. It simulates an entire host (including the CPU, system memory, and all devices) to provide comprehensive analysis of malware.

Deep Content Inspection interacts with the malware and catalogs every action the malware takes. Alternative approaches to malware detection, like OS emulation and virtualization, are fooled by sophisticated evasion techniques. They cannot interact with the malware and are easily bypassed, and therefore miss many advanced attacks.

Highlights from testing of the Lastline Breach Detection Platform v6.5 include:

  • 100% detection of malicious files and documents in HTTP traffic
  • 100% detection of malicious files and documents in Email traffic
  • 100% detection of malicious files and documents in SMB traffic
  • 100% detection of sandbox evasions
  • 100% detection of Virtual Machine evasions
  • 100% detection of social exploits
  • Consistent 1000 Mbps performance