Story image

Carbon Black updates endpoint security solution

31 Aug 2018

Endpoint security solutions provider Carbon Black today announced version 8.1 of Cb Protection, the company’s control solution used to lock down servers and critical systems, prevent unwanted changes, and ensure continuous compliance with regulatory mandates, including Payment Card Industry Data Security Standard (PCI DSS).

Cb Protection 8.1 includes a new “File Delete” feature, allowing customers to meet PCI DSS standards to replace legacy antivirus (AV).

Customers who want to remove legacy AV and run Cb Protection on their compliant devices can now do so without going through the compensating control process.

“The deterministic security model employed by Cb Protection has helped many organisations lock down critical systems and servers,” says Enterprise Strategy Group director and senior analyst Doug Cahill.

“With ‘File Delete’ in Cb Protection 8.1, Carbon Black makes customers’ lives easier by automating response measures protecting server workloads from compromise while also assuring compliance.”

Medibank CISO Stuart Harrison says, "Since we have had Carbon Black in place, we actually have not had any crypto attacks on the desktop or the endpoint

Cb Protection 8.1 empowers customers to comply with the Payment Card Industry Data Security Standard (PCI DSS) by:

  • Simplifying implementation and support of TLS 1.2 communication
  • Adding two-factor authentication to the Cb Protection console
  • Making Cb Protection a direct control for PCI DSS requirement 5, enabling customers to remove legacy antivirus without the need for going through the compensating control process.

Leveraging cloud-reputation services, IT-based trust policies, and multiple sources of threat intelligence from the Cb Predictive Security Cloud (PSC), Cb Protection ensures that only trusted and approved software is allowed to execute on an organisation’s critical systems and endpoints.

Cb Protection achieved a Security Effectiveness rating of 100% in an independent test conducted by NSS Labs in 2017.

With version 8.1, Cb Protection also supports FIPS-140 regulations and ensures customers are using approved cryptographic modules.

“For customers who have concerns about meeting compliance requirements on critical servers, Cb Protection 8.1 offers a new feature in ‘File Delete,’ which allows customers to replace legacy AV without worry,” says Carbon Black’s chief product officer Ryan Polk.

“Protecting critical servers without the need for additional AV security solutions simplifies and strengthens an organisation’s security posture immediately.”

Kordia IS architecture head Simon Turner says, “The effort required to install and maintain it appeared to be much lower than other products in its class."

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.