Partner Perspectives: Revealing the Future – Carbon Black and the Predictive Security Cloud (PSC)


(Editor’s Note: This blog and accompanying image originally appeared on LinkedIn Pulse and are being republished with permission from the author.)

I was recently given the privilege of attending a conference at Langkawi Island in Malaysia: the Carbon Black conference hosted at Berjaya Resort. The event had all the elements of a quality conference: engaging presenters, interesting content and fantastic networking opportunities. From a private cabin overlooking the sea, with monkeys and other wildlife running rampant (including geckos crossing the stage during presentations!), the ambience outside the conference events was like paradise. Add in fantastic food and dinner with a performance on the beach, and there was very little that could have made it better!

Before I go on, this article will be slightly different to my usual opinion format, since in this case I am writing in the capacity of my role at The Missing Link, as an architect “Vendor Champion” for Carbon Black. Regardless, I am genuinely excited to see that Carbon Black has been working on something I wish all vendors had been focusing on for many years… so please do read on!

Consolidated Endpoint Security

One of my biggest gripes for many years has been the excessive complexity of “holistic” security. Far too often, the impact on both end users and staff is overlooked from people, process and technology perspectives. Achieving a “secure” operating environment has often consisted of a pea-soup mishmash of agents and processes, resulting in a challenge through heavy footprint, complex management through multiple consoles and interfaces, disjointed data and reporting, and of course, mixed levels of efficacy. This is nowhere more obvious than with the multitude of endpoint solutions out there that offer everything under the sun from Web Browser extensions to DLP. This is a problem, as many vendors spread themselves too thin in an effort to grab a wider market share, rather than focusing their efforts on doing what they do exceptionally well. This, I’m grateful to see, is not the case with Carbon Black.

Rather than focus on ancillary features, Carbon Black has gone back to basics and focused on the data. The result of their efforts is a consolidated cloud-hosted platform: the “Predictive Security Cloud”, or PSC for short. This is a master-stroke by Carbon Black, as it enables consolidation of all Carbon Black’s offerings into one agent with one console, underpinned by a single “dataset” shared by all components. I will dive into this a bit further in a moment, as this sentence alone doesn’t come even close to presenting how important this approach is for security in general!

Exceptional Visibility

I alluded earlier to the challenge of disjointed data, reporting and management. It’s no mean feat to bring order to the chaotic state that is security on an endpoint in this day and age. Gone are the days where we install an “Anti-Virus” agent and update it from a 3.5″ floppy disk on a weekly (if that!) basis. These days, the bare essentials of endpoint security encompass everything from user training to application whitelisting. Those of you familiar with existing Carbon Black offerings, including Cb Protect (Application Whitelisting), Cb Response (Incident Response) and Cb Defense (Next-Gen Anti-Virus and EDR), would no doubt be familiar with the different consoles, deployment models and types of data collected by each. Through the Predictive Security Cloud, Carbon Black aims to consolidate all these offerings into a single platform, starting with Cb Defense. At this point, you may be thinking – why is this any different from vendor x or y? But think back to the basics of functionality that only cloud offers: (near) infinite scalability and resources… add to it a mountain of data, intelligent algorithms and analytics, and voila! “Predictive Security.”

This “Predictive” approach is unique and could only be enabled through a unified vision “focus” on data (incidentally, Focus was actually the name of the Carbon Black conference). There’s a bit of a nuance to Carbon Black’s approach here. Most of us working in security would be familiar with the very “reactive” approach to data collection with most security products. Leveraging the cloud to its fullest, data is being collected constantly by endpoints, on the assumption that a threat is only a threat once it has been identified.

Maximising an Existing Investment

I’d be hard pressed to name an organisation that doesn’t have at least *some* on-premises virtual infrastructure somewhere within their environment. It’s even harder to name a company that isn’t using VMware to host that virtual infrastructure. Improved hardware utilisation is one of the key benefits associated with virtualisation, since rather than having 100 servers running at 10% utilisation, you may have 10 servers running at 50% utilisation to host the same workload. This has now moved into the next generation of data centre, the “software-defined data centre” (SDDC) – but carries with it the same challenges on how to protect it.

Carbon Black has developed an exclusive partnership with VMware, in developing Carbon Black for VMware. The partnership sees a tightly-integrated solution with VMware’s AppDefense offering, making it possible to stop both malware and non-malware on virtual infrastructure, without the need for heavy security applications wasting resources on every individual virtual machine. The resulting solution enables automated and orchestrated response from a central management console.

Having visibility and central consoles is only useful if a business has the skills and technology to utilise them. However, not every business has the resources to operate their own incident response team or SOC. To fill this gap, Carbon Black has announced a managed threat-hunting service known as “ThreatSight”. Offering 24×7 coverage and triage, backed by global threat intelligence and a team of world-class experts, the service offers an early warning system and root cause analysis of threats identified through Cb Defense.

Where to next?

Like any vendor, there are components to a roadmap that are tightly-guarded secrets that cannot be revealed. Those which were revealed include vulnerability and patch management, which could be very exciting developments indeed!

There’s a good reason The Missing Link chose Carbon Black as our Tier 1 vendor for endpoint security. There are many vendors in this industry, but few offer true enterprise-grade solutions that cover the full attack chain with the level of integration being promised. Whilst it will take some time to realise the full vision of a tightly-integrated platform offered by the Predictive Security Cloud, you can rest assured that the best is yet to come!

The post Partner Perspectives: Revealing the Future – Carbon Black and the Predictive Security Cloud (PSC) appeared first on Carbon Black.
