Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Car

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Lenny Zeltser is a VP of Products at Minerva Labs, as well as an author and instructor at SANS Institute.

Despite their efforts to prevent intrusions, enterprises can still face large-scale compromises. When organizations discover numerous endpoints infected with malicious code, how can responders quickly contain the attack and recover?

With endpoint security solutions from Carbon Black and Minerva Labs, responders can safely resolve situations without disrupting business.

Malware Containment at the Endpoint

When malware finds its way around preventative defenses and effects multiple endpoints, Minerva’s Anti-Evasion Platform can be deployed to automatically disrupt the malicious code. Minerva’s technology causes evasive threats to terminate themselves, or crash, allowing the system to continue performing critical business functions. This capability is especially useful when it is impractical for a company to quarantine the affected endpoint.

After the malware is neutralized by Minerva’s Anti-Evasion Platform, Carbon Black products Cb Response and Cb Defense continue investigating the incident to reliably assess the nature of the attack, and eradicate the malicious presence from the environment.

Minerva and Carbon Black’s solutions work together so companies can precisely contain incidents in high-stress environments experiencing large-scale compromises.

Recovering from Ransomware Attacks

Organizations can use Carbon Black and Minerva’s solutions to recover from ransomware infections. Minerva’s Anti-Evasion Platform has the ability to restore documents targeted by malware for destruction.

Carbon Black customers can easily interact with this feature by using the Live Response functionality built into Cb Defense and Cb Predictive Cloud. Incident responders can select the Go Live tool to activate an interactive Carbon Black console, which connects with the affected endpoint and leverages Minerva Labs to restore the destroyed documents. This is possible even if Carbon Black is enforcing a quarantine around the infected endpoint by isolating it from the organization’s network.

The image below shows just how easy it is for Carbon Black and Minerva Labs customers to use the Live Response console to direct Minerva Labs to restore documents. This way, files can be obtained quickly and without ransom.  This is one of many ways in which Minerva aids incident responders and strengthens customers’ defense ecosystems that employ other security solutions.


The post Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Carbon Black appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?