sb-nz logo
Story image

Carbon Black 'redefines nextgen antivirus' with Confer acquisition

Carbon Black has acquired next generation antivirus company Confer in a deal which rounds out the company’s endpoint security platform and drives its next generation endpoint security into new markets.

Kane Lightowler, Carbon Black Asia Pacific managing director, says the deal greatly expands the company’s total addressable market.

Carbon Black has traditionally served the high end security market, with its foothold in large telcos, banking, payment processors, government and other organisations with ‘really high-end security requirements’.

“With the acquisition of Confer we have added a next generation antivirus into the portfolio which has both depth from a technology perspective and mass market appeal,” Lightowler says.

“Versus our high end security products, it is much easier to deploy although it is still powerful enough to stop the more sophisticated attacks that the traditional technologies and our competitors are struggling to protect their customers from.”

Carbon Black is pulling no punches about its plans, saying it is targeting Symantec, Palo Alto Networks, Cylance and CrowdStrike with a disruptive zero gap protection.

“Gartner’s 2016 Endpoint Protection Magic Quadrant showed 44% of reference customers for the old guard have been compromised during the last year,” Lightowler says.

“That makes it clear the traditional way of protecting systems is failing,” he says.

“The threat landscape has changed quite significantly but those technologies that the vast majority of [organisations] rely on, like antivirus, don’t protect from today’s threats. And they don’t protect from today’s threats because they are designed to protect from known threats.

“With ransomware and today’s sophisticated attacks, the bad guys build a targeted attack and specifically just use it once against an organisation. So protection technologies that leverage signatures are now ineffective.”

Lightowler says many modern attacks are also leveraging things such as Powershell, script-based attacks or in-memory based attacks.

“They’re using tools legitimately installed on Windows, maliciously. There’s not necessarily a virus file as such, they’re using a legitimate tool in an illegitimate way and that’s where behavioural based detection is important.”

Confer’s offering, which will now be known as Cb Defense, combines behavioural-based prevention techniques with integrated detection and response capabilities. Carbon Black says its cloud-based, deep analytics approach blocks both malware and the increasingly common malware-less attacks exploiting memory and scripting languages, such as PowerShell.

Once malware is blocked Cb Defence provides visibility into how the attack happened, enabling security problems to be fixed pro-actively.

The company says the lightweight sensor installs in less than a minute and consumes less than 1% of the CPU, disk and network, and can be completely managed from the cloud via a web-based interface.

Lightowler says the acquisition means organisations of all sizes can address their endpoint security requirements through a single platform, with the Confer model cloud-based, highly scalable and multi-tenant.

“This acquisition of Confer is in line with our vision of having a world safe from cyber-attacks,” Lightowler says. “In order to do that we believe we need to deliver a complete endpoint security platform and this is a step towards that.

“We believe it is a pretty transformational moment for Carbon Black as it dramatically increases that market opportunity that we have.”

Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Link image
The importance of data resilience in the current cybersecurity climate
Protecting an organisation's data is one of the most crucial functions of any CISO. Strategies should be in place where data is stored securely and cost-effectively.More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More