Story image

Carbon Black announces enhanced cloud security offering

11 Oct 18

Endpoint security solutions provider Carbon Black has introduced Cb ThreatHunter, delivering new threat hunting and incident response (IR) capabilities on the Cb Predictive Security Cloud (PSC).

The new offering will be the fourth service delivered on the PSC this year.

The Cb ThreatHunter announcement was made from the company’s annual user conference #CbConnect18 in New York.

Carbon Black chief executive officer Patrick Morley says, “A year ago, we outlined our vision to extend the Cb Predictive Security Cloud to make it easier for our customers to move off legacy antivirus and address multiple security use cases through a single cloud platform and sensor.”

“With the addition of Cb ThreatHunter, this platform will have five offerings and delivers customers the ability to prevent, detect, respond to, predict, and now hunt threats in the cloud using a single agent, console and platform.”

Adding advanced threat hunting to the PSC

Cb ThreatHunter is delivered through the PSC, Carbon Black’s endpoint protection platform that consolidates multiple critical endpoint security capabilities supporting both IT and security operations, including: next-generation antivirus (NGAV), endpoint detection and response (EDR); threat hunting and IR; virtualised data centre security; real-time endpoint query and remediation; and managed threat hunting and triage.

Threat hunting powered by a continuous collection of unfiltered data

Most EDR and IR tools on the market collect a limited set of historical data.

As a result, security operation centres (SOCs) and IR teams struggle to get their hands on the information they need to investigate, proactively hunt and remediate.

Cb ThreatHunter solves this problem by continuously collecting unfiltered data, giving security teams all the information they need t proactively hunt threats, uncover suspicious behaviour, disrupt active attacks, repair damage quickly and address gaps in defences.

Investigations that often take days or weeks can be completed in minutes with Cb ThreatHunter.

Some the Cb ThreatHunter features include:

Better search fields: Cb ThreatHunter equips security teams with the ability to flexibly hunt threats, even if an endpoint is offline. With this level of visibility, researchers can see what happened at every stage of an attack with intuitive attack-chain visualisations, and uncover threats, while minimising attacker dwell time. This insight provides immediate answers with comprehensive behavioural context to stop attacks as quickly as possible.

Threat intelligence matching: Cb ThreatHunter’s detection combines custom and cloud-delivered threat intel, automated watchlists and integrations with the rest of the security stack to efficiently scale hunting across the enterprise. This level of detection allows security teams to proactively explore environments for abnormal activity, leverage cloud-delivered threat intelligence and automate repeat hunts. Additionally, the PSC’s platform extensibility allows developers to create custom watchlists to power real-time detection and correlate data across the security stack.

Elastic cloud scalability: Cb ThreatHunter is natively built on the PSC, allowing security teams to rapidly deploy and scale the solution across their enterprise without investing in (or maintaining) on-premise infrastructure. By eliminating these costs and processes, Cb ThreatHunter enables teams to simplify their operations and focus their energy on hunting and responding to threats.

Cb ThreatHunter will be generally available in November 2018.

Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.