Carbon Black,
the leader in next-generation endpoint security, today unveiled
"Streaming Prevention," a cybersecurity technology that redefines the
Next-Generation Antivirus (NGAV) market by combining a breakthrough
prevention model with market-leading detection and response to stop both
malware and non-malware attacks.
"Streaming
Prevention" is the core technology powering Cb Defense, Carbon Black's
NGAV solution, which can prevent, detect and respond to the most
advanced cyber attacks, including non-malware attacks.
Non-malware
attacks gain control of computers without downloading malicious
software. Instead, they use trusted, native operating system tools, such
as PowerShell, and exploit running applications, such as browsers, to
"live off the land." These attacks pose a bigger risk than malware
attacks because they are harder to detect and cause more damage.
Virtually every organization was targeted by such an attack in 2016,
according to Carbon Black research.
In
protecting against non-malware attacks, "Streaming Prevention" is a
fundamentally different approach to endpoint prevention than taken by
Cylance, McAfee, Symantec and other antivirus (AV) vendors.
Streaming Prevention
Carbon
Black's "Streaming Prevention" technology can prevent both malware and
non-malware attacks by leveraging event stream processing, the same
technology that revolutionized algorithmic day-trading. Similar to
algorithmic day-trading applications, "Streaming Prevention"
continuously updates a risk profile based on a steady stream of computer
activity. When multiple, potentially malicious events occur in
succession, "Streaming Prevention" blocks the attack.
This
breakthrough in prevention leapfrogs machine-learning AV, which focuses
exclusively on files and does nothing to target an attacker's
behaviors. These behaviors often include leveraging trusted applications
to "live off the land" to remain undetected.
Legacy
AV solutions and static, machine-learning approaches focus on detecting
malware at the point-in-time it is written or executed. In contrast,
"Streaming Prevention" empowers security teams to see and stop a cyber
attack at any point during the attack cycle, well before a system can be
compromised.
Cb Defense customer, Fuli Chavez, Sr. Security Operations Analyst at DA Davidson: "‘Streaming
Prevention' is a game-changing technology. By combining NGAV with
market-leading detection and response technologies into a single agent,
Cb Defense protects our organization from the most advanced cyber
attacks, including non-malware attacks. The solution can be deployed
within minutes from the cloud or management systems and is virtually
invisible to our end-users."
"Carbon
Black is continuously innovating to stay at the forefront of
cybersecurity, and we have a long history of helping organizations all
over the globe protect their endpoints," said Patrick Morley, Carbon
Black's president and chief executive officer. "‘Streaming Prevention'
marks a significant breakthrough in the NGAV market. With Cb Defense,
our customers can confidently replace legacy antivirus and achieve a
level of endpoint protection that redefines what it means to be ‘safe.'"
Cb Defense's Market-Leading Detection and Response
As
founder of the endpoint detection and response (EDR) market, Carbon
Black brings world-class detection and response capabilities to Cb
Defense. Cb Defense combines prevention, detection and response into a
single offering, giving security teams complete visibility over their
enterprises. Cb Defense captures all endpoint activity to feed automated
threat-hunting algorithms and detect threats using intelligence from
the Carbon Black Collective Defense Cloud.
With
Cb Defense, security teams can visualize an attack's full "kill chain"
to understand what's happening every step of the way, making response
and remediation faster than ever before.
Cb Defense's market-leading detection and response offer:
Attack Stream Visualization - Investigate an attacker's origins, motivations and tactics with intuitive visual mapping.
Root-Cause Analysis - Uncover the root cause of an attack in minutes and close security gaps instantly.
Automated Threat Hunting - Conduct
automatic threat hunting across an enterprise by combining captured
endpoint activity with aggregated threat intelligence from the Carbon
Black Collective Defense Cloud.
One Agent, One Console, Cloud Delivered
Cb
Defense's breakthrough prevention technology, "Streaming Prevention,"
combines with market-leading detection and response in a single agent
and is viewed in a single console. Cb Defense is delivered via the
cloud, so there are no hardware or storage costs. The solution
deploys in 15 minutes.
Lightweight and Easy
Cb
Defense has virtually no impact on systems and users, occupying less
than one percent of CPU and less than one percent of disk.
Cb
Defense's new, powerful UI gives teams complete control over their
security, immediate access to what needs attention, and a view into what
attacks were recently stopped. Simple dashboards highlight the most
pertinent issues.
For more information, visit ngav.carbonblack.com