Story image

Carbon Black brings 80 tech partners together for new security integrations

29 Mar 18

Endpoint security company Carbon Black has announced a new technology partner program designed to improve cyber security offerings, with over 80 technology partners building more than 120 supported integrations.

The program - known as the Carbon Black Integration Network (CbIN) - has seen the likes of Juniper Networks, LogRhythm, Phantom and many others building productised integrations on Carbon Blacks’ Predictive Security Cloud (PSC), while leveraging Cb’s open APIs.

Carbon Black director of technology alliances Jim Raine says, “The Carbon Black Integration Network was built on the premise that a collective defence strategy is the foundation of any good security posture.

“By integrating solutions across each security stack, every new addition brings new functionality to a customer’s entire security architecture. Security teams gain immediate insight and quickly derive more value from existing security investments.

“We’ll continue to empower our entire ecosystem by adding integrations so companies can easily adopt and use solutions that fit their specific needs,” Raine says.

LogRhythm VP of marketing and business development Matt Winter says the integrations they’re building as a part of CbIN will provide customers with increased Network visibility.

"LogRhythm and Carbon Black are empowering security teams to identify behavioural anomalies, detect internal and external threats, and prioritise responses utilising enterprise-class security analytics that leverage machine learning and advanced scenario modeling,” Winter says.

"By integrating with the Cb Predictive Security Cloud (PSC), LogRhythm provides security teams with complete visibility across their cloud and physical IT environments for faster, more efficient threat detection and response."

Carbon Black says CbIN will help alleviate some of the major challenges currently facing security teams, such lack of expertise and limited visibility across the security stack.

It says CbIN will provide a network of widely used and emerging pre-integrated solutions that use their API, which is the same API customers can leverage to build their own integrations.

CbIN represents vendors, customers and security technologists that have leveraged Carbon Black’s open APIs to build integrations designed to benefit everyone.

Blue Cross Blue Shield (Carbon black customer) senior IT security specialist Derick Reisman says, “We’ve always employed a proactive security strategy that protects against advanced threats.

“Carbon Black’s open APIs are central to this strategy – they’ve enabled us to pull threat intelligence from Carbon Black into our SIEM to keep us more secure and extend the visibility of our data to our users.

Some examples of the open-sourced integrations delivered as a part of CbIN include;

  • Export all process execution and endpoint network connection events through the real-time ‘Event Forwarder’.
  • Send all Carbon Black data to another storage mechanism such as Hive or Hadoop
  • Scan all collected binaries against Yara signatures
  • Perform standard queries, but process the data in a script to output it in a certain way to support things like reporting, period queries and enriched process trees.
  • Consume threat indicators from CRITS
  • Subscribe to network connections and plot them on a world map.

Rich Hlavka, Phantom VP of business development says, “By leveraging Carbon Black’s game-changing technology, the Predictive Security Cloud, Phantom is further empowering security teams with unmatched visibility, advanced analytics, and simplified workflow.”

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.