Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Carbon Black


Lenny Zeltser is a VP of Products at Minerva Labs, as well as an author and instructor at SANS Institute.

Despite their efforts to prevent intrusions, enterprises can still face large-scale compromises. When organizations discover numerous endpoints infected with malicious code, how can responders quickly contain the attack and recover?

With endpoint security solutions from Carbon Black and Minerva Labs, responders can safely resolve situations without disrupting business.

Malware Containment at the Endpoint

When malware finds its way around preventative defenses and affects multiple endpoints, Minerva’s Anti-Evasion Platform can be deployed to automatically disrupt the malicious code. Minerva’s technology causes evasive threats to terminate themselves, or crash, allowing the system to continue performing critical business functions. This capability is especially useful when it is impractical for a company to quarantine the affected endpoint.

After the malware is neutralized by Minerva’s Anti-Evasion Platform, Carbon Black products Cb Response and Cb Defense continue investigating the incident to reliably assess the nature of the attack, and eradicate the malicious presence from the environment.

Minerva and Carbon Black’s solutions work together so companies can precisely contain incidents in high-stress environments experiencing large-scale compromises.

Recovering from Ransomware Attacks

Organizations can use Carbon Black and Minerva’s solutions to recover from ransomware infections. Minerva’s Anti-Evasion Platform has the ability to restore documents targeted by malware for destruction.

Carbon Black customers can easily interact with this feature by using the Live Response functionality built into Cb Defense and Cb Predictive Cloud. Incident responders can select the Go Live tool to activate an interactive Carbon Black console, which connects with the affected endpoint and leverages Minerva Labs to restore the destroyed documents. This is possible even if Carbon Black is enforcing a quarantine around the infected endpoint by isolating it from the organization’s network.

The image below shows just how easy it is for Carbon Black and Minerva Labs customers to use the Live Response console to direct Minerva Labs to restore documents. This way, files can be obtained quickly and without ransom. This is one of many ways in which Minerva aids incident responders and strengthens customers’ defense ecosystems that employ other security solutions.

 

The post Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Carbon Black appeared first on Carbon Black.

About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.