sb-au logo
Story image

Carbon Black brings 80 tech partners together for new security integrations

Endpoint security company Carbon Black has announced a new technology partner program designed to improve cyber security offerings, with over 80 technology partners building more than 120 supported integrations.

The program - known as the Carbon Black Integration Network (CbIN) - has seen the likes of Juniper Networks, LogRhythm, Phantom and many others building productised integrations on Carbon Blacks’ Predictive Security Cloud (PSC), while leveraging Cb’s open APIs.

Carbon Black director of technology alliances Jim Raine says, “The Carbon Black Integration Network was built on the premise that a collective defence strategy is the foundation of any good security posture.

“By integrating solutions across each security stack, every new addition brings new functionality to a customer’s entire security architecture. Security teams gain immediate insight and quickly derive more value from existing security investments.

“We’ll continue to empower our entire ecosystem by adding integrations so companies can easily adopt and use solutions that fit their specific needs,” Raine says.

LogRhythm VP of marketing and business development Matt Winter says the integrations they’re building as a part of CbIN will provide customers with increased Network visibility.

"LogRhythm and Carbon Black are empowering security teams to identify behavioural anomalies, detect internal and external threats, and prioritise responses utilising enterprise-class security analytics that leverage machine learning and advanced scenario modeling,” Winter says.

"By integrating with the Cb Predictive Security Cloud (PSC), LogRhythm provides security teams with complete visibility across their cloud and physical IT environments for faster, more efficient threat detection and response."

Carbon Black says CbIN will help alleviate some of the major challenges currently facing security teams, such lack of expertise and limited visibility across the security stack.

It says CbIN will provide a network of widely used and emerging pre-integrated solutions that use their API, which is the same API customers can leverage to build their own integrations.

CbIN represents vendors, customers and security technologists that have leveraged Carbon Black’s open APIs to build integrations designed to benefit everyone.

Blue Cross Blue Shield (Carbon black customer) senior IT security specialist Derick Reisman says, “We’ve always employed a proactive security strategy that protects against advanced threats.

“Carbon Black’s open APIs are central to this strategy – they’ve enabled us to pull threat intelligence from Carbon Black into our SIEM to keep us more secure and extend the visibility of our data to our users.

Some examples of the open-sourced integrations delivered as a part of CbIN include;

  • Export all process execution and endpoint network connection events through the real-time ‘Event Forwarder’.
  • Send all Carbon Black data to another storage mechanism such as Hive or Hadoop
  • Scan all collected binaries against Yara signatures
  • Perform standard queries, but process the data in a script to output it in a certain way to support things like reporting, period queries and enriched process trees.
  • Consume threat indicators from CRITS
  • Subscribe to network connections and plot them on a world map.

Rich Hlavka, Phantom VP of business development says, “By leveraging Carbon Black’s game-changing technology, the Predictive Security Cloud, Phantom is further empowering security teams with unmatched visibility, advanced analytics, and simplified workflow.”

Link image
Webcast series: The necessary tools to secure a remote workforce
Experts from across the A/NZ region discuss the best security practices in a remote working world - with sessions available on the first Thursday of every month.More
Link image
Why it's crucial to normalise proper security training for remote working
Knowing and implementing best practices for remote security can save money, time and headaches. It starts with a quality solution to safeguard the workforce.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Link image
Revealed: The pros and cons of leading cloud security vendors
Determining which edge and cloud security vendor is the right fit for your organisation can be challenging. Here's the guide for evaluating the leading enterprise solutions.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More