Partner Perspectives: Orchestrating Endpoint Security with CyberSponse and Carbon Black

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Amit Jain is the Principal Technical Product Manager at CyberSponse.

Today’s network security infrastructures are complex beasts. Increasing mobile and cloud deployments have made managing endpoint security more challenging than ever before. The dynamic and ever-evolving nature of today’s cybersecurity attacks continue to beat traditional defense methods to plant new forms of disguised attacks. Being able to understand the nature of these attacks and respond quickly at all levels of the cyber kill chain is crucial for an effective remediation and containment strategy.

CyberSponse deeply integrates with Carbon Black products, including Cb Defense, Cb Response and Cb Protection, to provide Carbon Black users with a complete solution that leverages CyberSponse’s security orchestration and automation capabilities. This joint solution orchestrates investigation, remediation and containment actions out of a single console to facilitate a robust and dynamic endpoint security solution.

Partnership Overview

CyberSponse and Cb Defense: Cb Defense uses advanced predictive models to analyze complete endpoint data and uncover malicious behavior to stop all types of attacks before they compromise systems.

Using CyberSponse’s automation framework, analysts can:

  • Find a device status
  • Locate events in Carbon Black
  • Receive alerts that include associated events
  • Create and manage security policies and rules in Carbon Black

 

Leveraging this integration, these actions can be made part of investigation, remediation and containment flows to stop malware, ransomware and non-malware attacks effectively, while also ensuring compliance.

CyberSponse and Cb Protection:  Cb Protection is a comprehensive endpoint threat protection solution that is highly effective in locking down systems to stop malware, ransomware, zero-day and non-malware attacks in highly regulated environments.

The integration of CyberSponse and Cb Protection allows analysts to blend actions, such as:

  • Hunt file
  • Block and unblock file or file hash on endpoints
  • Get detailed information about an endpoint
  • Manage approval requests
  • Get policy details and much more.

 

Thus, using the CyberSponse automated playbook framework to help design automated flows, analysts are able to respond much faster and dynamically by blending these actions into their remediation and containment strategies from a single console.

CyberSponse and Cb Response: Cb Response is a highly-scalable, real-time threat hunting and incident response (IR) solution delivering unfiltered visibility for top security operations centers and IR teams. It captures comprehensive information about endpoint events, giving security professionals a clear understanding of what happened. Through the integration with CyberSponse, analysts can leverage the power of visibility that Cb Response provides in their automation workflows.

Actions available through this integration include:

  • Retrieve detailed sensor information and processes
  • Isolate and un-isolate sensors
  • Terminate processes on endpoints
  • Hunt and delete files
  • Block and unblock hashes
  • Search and manage alerts
  • Fetch watchlists

 

This solution presents numerous dynamic possibilities and enables Carbon Black users to build powerful automation workflows to manage endpoint security better than ever before.

With 250+ integrations available through CyberSponse, the above integrations with Carbon Black’s suite of products add immense value for the analysts battling to manage the dynamic and ever-evolving nature of today’s threats, while also ensuring endpoint security. Apart from the integrations, CyberSponse, being a leader in SOAR space, provides a highly configurable and role-based enterprise case management solution and reporting facility that helps store and represent investigation data in the most meaningful manner.

For more details visit carbonblack.com/partner/cybersponse.

The post Partner Perspectives: Orchestrating Endpoint Security with CyberSponse and Carbon Black appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
97 Followers
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel