Empowering Developers: How Unfiltered Data and Custom Integrations Became a Foundation for Carbon Bl

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Today, we’re hosting our first-ever Developer Day from the sold-out #CbConnect18 conference in New York. The day features in-depth, technical workshops to accelerate developers’ ability to extend Carbon Black’s open cloud platform to improve the security stack. The way I see it, this day is years in the making.

In the early days of Carbon Black, I demonstrated a pre-release version of Cb Response to a large MSSP. They immediately recognized the value of our technology and the unfiltered data we collect – but they also saw opportunities to extend and add additional features that tied into their own workflows and technology stack.

The immediate conclusion was around ensuring Carbon Black must enable customers to build their own custom integrations and solve for their own unique use cases.  That realization became a foundational principle at Carbon Black: the product must be programmable via open APIs. The unfiltered endpoint data was not Carbon Black’s unfiltered data – it was customers’ unfiltered data. It was imperative that Carbon Black provide the open APIs to enable customers and partners to have full access to integrate Carbon Black with other products and into workflows and internal systems.

That openness has served our customers and partners well. There are hundreds of integrations with Cb Response built by IR firms, MSSPs, customers and technology partners like Splunk, IBM and more.  Our API bindings on GitHub continue to draw attention and our dedicated developer relations team is in constant communication with our developer community.

This success has led to a thriving developer ecosystem. With thousands of users of the APIs and hundreds of contributors, it is time for the next big step.

Carbon Black’s Developer Day is dedicated to developers from across Carbon Black’s customer and partner community. The day includes training on Carbon Black APIs, tooling, and resources.  There are many presentations and demos from existing customers about their use of the APIs to build custom integrations. The event is a great chance to learn from developers at Carbon Black and from others in the community about how Carbon Black products can be stretched and integrated in incredible ways.

An underlying concept here is extensibility. Extensibility builds on our openness and APIs by allowing Carbon Black customers and partners to fundamentally extend both the core platform and the products on it. This is a huge step forward and enables our customers and partners to take advantage of the Cb Predictive Security Cloud platform infrastructure to solve even bigger and more challenging security problems in their environment.

Carbon Black’s embrace of extensibility is rooted in the same underlying philosophy that inspired our belief in unfiltered data: we cannot know ahead of time every capability that our customers will need.   The endpoint is contested ground, as adversaries constantly update their capabilities to bypass and attack defenses. By making the PSC platform extensible, we enable customers and partners to extend the capabilities for brand new use cases on a just-in-time basis. Extensibility is all about giving our partners and customers the ability to tilt the advantage to the defender.

Cb LiveOps is an exciting and developer-friendly new offering that recently GA’d. Available as a service on the PSC, it enables security teams to ask real time questions of all their endpoints and take remediation actions.   

Its underlying extensibility proved very useful for a Carbon Black customer in light of the recent “Super Micro” hardware implant story. While the specifics of that story are still in the air, Cb LiveOps enabled this customer to identify potentially vulnerable endpoints without any product changes. We never designed  Cb LiveOps to to solve for this use case but it’s a great proof point of the power of the architecture.

What makes Cb LiveOps so exciting from an extensibility perspective is that it is based on the popular open source project from Facebook called osquery.  The underlying architectural decision to use an open source tool allows our customers and partners to leverage and contribute to the osquery ecosystem to extend both the breadth and depth of data which can be queried across fleets of endpoints.

The full power of this can be seen as our community identifies use cases and extends the platform to solve problems that the Carbon Black team did not directly design for.  As an architect, nothing makes me more excited than knowing our customers and partners are able to extend the PSC to solve for challenges they face without having to build or deploy net new products.

Extensibility is an important differentiator for the Predictive Security Cloud and Carbon Black.  Enabling developers, customers, IR and MSSP partners, and technology partners to extend the PSC platform allows us all, as an active community, to do more, and faster, than ever before.  


The post Empowering Developers: How Unfiltered Data and Custom Integrations Became a Foundation for Carbon Black appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?