|Lastline Detects More Attacks
|| Lastline uses next-generation full-system emulation technology to detect modern malware.
||FireEye uses first-generation virtual sandboxing technology, which is easily bypassed by virtualization-aware malware.
|Malware Detection Rate (2015 NSS Labs Breach Detection Systems Test)
|| Lastline received a 98.6% overall malware detection rate on the most recent NSS Labs BDS test.
||FireEye received a 59.4% overall malware detection rate.
|| Lastline’s architecture is multi-tier. Lightweight distributed sensors and a central scale-out analysis engine ensure enough performance to detect attacks.
||FireEye has a single-tier architecture which combines a sensor and analysis engine into a single appliance. Localized load spikes can overwhelm FireEye’s detection system.
|Physical and Virtual Sensors
|| Lastline can deploy on VMware virtual networks, as well as physical networks from 10M to 10G.
||FireEye deploys only on physical networks and cannot protect VM-to- VM traffic.
|Lastline Makes Your Response More Effective
||Lastline reduces multiple IoCs into unified incidents.
||Every IoC must be manually examined by administrators who may overlook critical information in the alert noise.
||Lastline prioritizes incident risk by the number and severity of IoCs.
||Serious incidents may be missed if individual IoCs are too low a priority. Target Corporation had 40 million credit card numbers stolen, in spite of the fact that FireEye had generated alerts.
|Lastline Has Lower, More Predictable Costs
|Low-cost Sensor Platform
||Lastline is software-based – Deploy on industry-standard servers or VMs.
||FireEye only offers an appliance model which is expensive and inflexible.
||Lastline has a single software sensor for network traffic, email, file system and mobile traffic.
||FireEye customers must purchase separate appliances for each protocol inspected – network traffic, email, file system and mobile traffic.
|Analysis Hardware Cost
||Lastline’s centralized, scale-out malware analysis engine is cost-effective and able to handle large enterprise-wide loads.
||FireEye performs analysis in every sensor appliance, which must be overprovisioned to handle localized load spikes.
||Licensing is per user – regardless of network topology, bandwidth or number of sensors.
||Licensing is per external connection and by bandwidth. This model is extremely costly, complex and impractical for most organizations.
||Upgrade industry-standard servers or add servers for performance upgrades. Lastline never charges for additional licensing.
||FireEye customers must repurchase appliances for performance upgrades.