Story image

Carbon Black brings 80 tech partners together for new security integrations

29 Mar 18

Endpoint security company Carbon Black has announced a new technology partner program designed to improve cyber security offerings, with over 80 technology partners building more than 120 supported integrations.

The program - known as the Carbon Black Integration Network (CbIN) - has seen the likes of Juniper Networks, LogRhythm, Phantom and many others building productised integrations on Carbon Blacks’ Predictive Security Cloud (PSC), while leveraging Cb’s open APIs.

Carbon Black director of technology alliances Jim Raine says, “The Carbon Black Integration Network was built on the premise that a collective defence strategy is the foundation of any good security posture.

“By integrating solutions across each security stack, every new addition brings new functionality to a customer’s entire security architecture. Security teams gain immediate insight and quickly derive more value from existing security investments.

“We’ll continue to empower our entire ecosystem by adding integrations so companies can easily adopt and use solutions that fit their specific needs,” Raine says.

LogRhythm VP of marketing and business development Matt Winter says the integrations they’re building as a part of CbIN will provide customers with increased Network visibility.

"LogRhythm and Carbon Black are empowering security teams to identify behavioural anomalies, detect internal and external threats, and prioritise responses utilising enterprise-class security analytics that leverage machine learning and advanced scenario modeling,” Winter says.

"By integrating with the Cb Predictive Security Cloud (PSC), LogRhythm provides security teams with complete visibility across their cloud and physical IT environments for faster, more efficient threat detection and response."

Carbon Black says CbIN will help alleviate some of the major challenges currently facing security teams, such lack of expertise and limited visibility across the security stack.

It says CbIN will provide a network of widely used and emerging pre-integrated solutions that use their API, which is the same API customers can leverage to build their own integrations.

CbIN represents vendors, customers and security technologists that have leveraged Carbon Black’s open APIs to build integrations designed to benefit everyone.

Blue Cross Blue Shield (Carbon black customer) senior IT security specialist Derick Reisman says, “We’ve always employed a proactive security strategy that protects against advanced threats.

“Carbon Black’s open APIs are central to this strategy – they’ve enabled us to pull threat intelligence from Carbon Black into our SIEM to keep us more secure and extend the visibility of our data to our users.

Some examples of the open-sourced integrations delivered as a part of CbIN include;

  • Export all process execution and endpoint network connection events through the real-time ‘Event Forwarder’.
  • Send all Carbon Black data to another storage mechanism such as Hive or Hadoop
  • Scan all collected binaries against Yara signatures
  • Perform standard queries, but process the data in a script to output it in a certain way to support things like reporting, period queries and enriched process trees.
  • Consume threat indicators from CRITS
  • Subscribe to network connections and plot them on a world map.

Rich Hlavka, Phantom VP of business development says, “By leveraging Carbon Black’s game-changing technology, the Predictive Security Cloud, Phantom is further empowering security teams with unmatched visibility, advanced analytics, and simplified workflow.”

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Verifi takes spot in Deloitte Asia Pacific Fast 500
"An increasing amount of companies captured by New Zealand’s Anti-Money laundering legislation are realising that an electronic identity verification solution can streamline their customer onboarding."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.