Why VMware (VMW) Is Buying Lastline

By Amit Chowdhry • Jun 5, 2020

Tom Gillis, SVP & General Manager at VMware, Inc. (NYSE: VMW), announced that the company intends to buy Lastline, a pioneer in anti-malware research and AI-powered network detection and response.

After the deal closes, VMware plans to bring a team of network-focused anti-malware researchers and developers, along with go-to-market security experts, in-house for its NSX team. Lastline has several of the top 10 most published security threat researchers globally, and the team has been credited with bringing structure and rigor to the world of malware research.

Gillis said this is an important step for VMware’s vision of Intrinsic Security as it will enable the company to further “take advantage of the intrinsic attributes of our virtualization platform to yield innovative security capabilities.”

Lastline also has 15 PhDs and academics on staff.

“At VMware, we will amplify the academic focus of the Lastline team, and by joining forces with the Carbon Black Threat Analysis Unit (TAU), continue to foster their deep understanding not just of the threat, but of the motivation and tactics behind the threat,” Gillis added in a company blog post. “This rigorous analytical approach can be seen in Lastline’s products. Lastline’s core product is a malware sandbox. Most sandboxes treat malware as a black box and inspect how that black box interacts with the operating system (syscall inspection). Lastline goes deeper, using full-system emulation to look at every instruction the malware executes, effectively peering into the black box. This yields a deeper understanding of how the malware works, which allows the Lastline team to also detect and block the many derivates of malware families.”

Lastline’s system detects twice as many malicious files as a signature-based system. Lastline detonates over 5 million file samples daily, and its technology protects over 20 million users across thousands of organizations, including 5 of the 10 largest financial institutions.

The Lastline system uses machine learning to recognize the essential elements of an attack, unlike narrow signature-based systems that miss the many variants an attacker may use. The Lastline approach is not just anomaly detection. Lastline also uses its deep understanding of malicious behavior to flag clearly bad activities such as East-West movement, command and control activity, and data exfiltration.

VMware NSX touches every packet, which gives it deep visibility into network traffic. The NSX architecture will enable Lastline to perform network analytics at massive scale, across tens of thousands of cores, without the burden of tapping network traffic. NSX also has an intrinsic understanding of application topology and speaks Layer 7, so it knows the difference between a web server and a database and understands what an application is doing.