I am excited to announce that the website of our start-up company LastLine, Inc., is now live at http://www.tllod.com
. The team behind LastLine is composed of people you know from the International Secure Systems Lab (http://iseclab.org
), we are coming from the University of California, Santa Barbara, the Vienna University of Technology (Austria), Eurecom (France), and Ruhr-University Bochum (Germany). We all have extensive expertise in malware analysis and malware countermeasures (see our list of publications
) and you might know tools like Anubis
that have been developed by us.
LastLine, Inc., provides protection technology that is complementary to existing anti-virus software and firewalls. Our approach is based on cyber crime intelligence that we gather by analyzing millions of suspicious URLs and binaries each day. More precisely, using our advanced malware analysis tools, we pinpoint the exploit servers that are behind drive-by exploits campaigns and the command and control server that manage botnets. These servers constitute the malicious infrastructure that is used by cyber criminals to carry out their attacks.
One of the first product we offer is llweb
, a tool that analyzes web sites for the presence of malicious code, such as drive-by download exploits. llweb was developed by the creators of Wepawet
and you can find out more about the tool at http://tllod.com/products/llweb
. We also offer several other tools and services: llmon
is a service that helps organizations to determine if their hosts are used to deliver or control malware. We continuously monitor whether a customer's assets participate in malicious activities, and if so, we provide detailed and early warning so that proper mitigation steps can be initiated. llmon was developed by some of the creators of FIRE
. Furthermore, we provide access to the list of IP addresses, domains, and URLs that we identify to be associated with malicious activity on the Internet. Customers can obtain continuously-updated intelligence, which can be leveraged internally to identify compromised hosts or configure network access control mechanisms. You can find more about our products at http://tllod.com/what