Carbon Black has acquired next generation antivirus company Confer in a deal which rounds out the company’s endpoint security platform and drives its next generation endpoint security into new markets.
Kane Lightowler, Carbon Black Asia Pacific managing director, says the deal greatly expands the company’s total addressable market.
Carbon Black has traditionally served the high end security market, with its foothold in large telcos, banking, payment processors, government and other organisations with ‘really high-end security requirements’.
“With the acquisition of Confer we have added a next generation antivirus into the portfolio which has both depth from a technology perspective and mass market appeal,” Lightowler says.
“Versus our high end security products, it is much easier to deploy although it is still powerful enough to stop the more sophisticated attacks that the traditional technologies and our competitors are struggling to protect their customers from.”
Carbon Black is pulling no punches about its plans, saying it is targeting Symantec, Palo Alto Networks, Cylance and CrowdStrike with a disruptive zero gap protection.
“Gartner’s 2016 Endpoint Protection Magic Quadrant showed 44% of reference customers for the old guard have been compromised during the last year,” Lightowler says.
“That makes it clear the traditional way of protecting systems is failing,” he says.
“The threat landscape has changed quite significantly but those technologies that the vast majority of [organisations] rely on, like antivirus, don’t protect from today’s threats. And they don’t protect from today’s threats because they are designed to protect from known threats.
“With ransomware and today’s sophisticated attacks, the bad guys build a targeted attack and specifically just use it once against an organisation. So protection technologies that leverage signatures are now ineffective.”
Lightowler says many modern attacks are also leveraging things such as Powershell, script-based attacks or in-memory based attacks.
“They’re using tools legitimately installed on Windows, maliciously. There’s not necessarily a virus file as such, they’re using a legitimate tool in an illegitimate way and that’s where behavioural based detection is important.”
Confer’s offering, which will now be known as Cb Defense, combines behavioural-based prevention techniques with integrated detection and response capabilities. Carbon Black says its cloud-based, deep analytics approach blocks both malware and the increasingly common malware-less attacks exploiting memory and scripting languages, such as PowerShell.
Once malware is blocked Cb Defence provides visibility into how the attack happened, enabling security problems to be fixed pro-actively.
The company says the lightweight sensor installs in less than a minute and consumes less than 1% of the CPU, disk and network, and can be completely managed from the cloud via a web-based interface.
Lightowler says the acquisition means organisations of all sizes can address their endpoint security requirements through a single platform, with the Confer model cloud-based, highly scalable and multi-tenant.
“This acquisition of Confer is in line with our vision of having a world safe from cyber-attacks,” Lightowler says. “In order to do that we believe we need to deliver a complete endpoint security platform and this is a step towards that.
“We believe it is a pretty transformational moment for Carbon Black as it dramatically increases that market opportunity that we have.”