**Editor's Note: Click here for a list of April’s important channel-program changes you should know.**
Customers know – or should be convinced – that we can’t build walls high or deep enough to stop all attacks. But by discovering a normal, or known good, network baseline, security teams have a shot at spotting anomalous traffic that could indicate a breach. That detection process requires drawing intelligence from a range of network and endpoint security systems and running advanced behavioral profiling techniques on the data. Deviations can then trigger detection and response processes by those existing systems.
This concept is the basis of a number of security vendor coalitions. The commonality is to use APIs to link disparate data sources and feed threat intelligence to an analysis engine. LightCyber launched on Monday its ecosystem entry, the LightCyber Technology Alliance Program, or LTAP, that it says will power greater security intelligence and remediation options while enhancing revenue opportunities for its partners.
“Your average channel partner has a full line card of different solutions, and we want to support and complement those solutions to make the net whole better by integration," said LightCyber’s EVP of marketing Jason Matloff, in a briefing. “Signatures, blacklists and hashes are part of an outdated known-bad model."
It’s almost a certainty that determined attackers can get into a customer’s system. “The big deal is being able to find out before they cause damage," Matloff said.
LightCyber is 100-percent channel and in 15 months has signed on 100 customers and 25 partners in North America. It doesn’t work through distributors, preferring to deal directly with specialized security services providers.
“We don’t fulfill any deals outside the channel," said Matloff. “We know that the growth trajectory that we want to have is only going to be enabled by leveraging the channel."
Through LTAP, LightCyber’s Magna platform will eventually interoperate with nine technology categories, including firewalls and Web gateways, security information and event managers, VPNs, network access control and authentication systems, and IT workflow and service management suites. The Magna platform is a passive system that sits on a span port and learns what’s normal on a customer network. The product offers Active Directory integration and is able to quarantine suspect nodes and revoke credentials automatically if a user account is compromised.
Today LightCyber is announcing four integration deals.
Under the HPE Technology Alliance Partner Program, Magna is certified to interoperate with HPE ArcSight for security information and event management (SIEM). Packet capture for analytics is provided by the Gigamon GigaSecure Security Delivery Platform under the Gigamon Ecosystem Partners Program. Magna also integrates with Check Point’s next-generation threat prevention solutions and Palo Alto Networks’ next-generation firewalls to isolate compromised endpoints and block the command-and-control channels used by attackers to exfiltrate data.
Independent security analyst Michael Cobb says these alliances are likely to ...