Carbon Black Introduces Cb ThreatHunter, Delivering Advanced Threat Hunting and Incident Response (IR) Capabilities on the Cb Predictive Security Cloud™ (PSC)

October 2018 by Patrick LEBRETON

Cb ThreatHunter leverages unfiltered data on the PSC, an endpoint security platform with a single agent and single console to consolidate prevention, detection, response, managed services and advanced threat hunting

Carbon Black introduced Cb ThreatHunter, delivering powerful, new, advanced threat hunting and IR capabilities on the Cb Predictive Security Cloud (PSC). The new offering will be the fourth service delivered on the PSC this year. The Cb ThreatHunter announcement was made at the company’s sold-out annual user conference, #CbConnect18, in New York.


Adding Advanced Threat Hunting to the PSC

Cb ThreatHunter is delivered through the PSC, Carbon Black’s powerful endpoint
protection platform that consolidates multiple critical endpoint security
capabilities supporting both IT and security operations, including: next-generation
antivirus (NGAV) + endpoint detection and response (EDR); advanced threat hunting
and IR; virtualised data center security; real-time endpoint query and remediation;
and managed threat hunting and triage.

Threat Hunting Powered by Continuous Collection of Unfiltered Data

Most EDR and IR tools on the market collect only a limited set of historical data.
As a result, SOCs and IR teams struggle to get their hands on the information they
need to investigate, proactively hunt and remediate.

Cb ThreatHunter solves this problem by continuously collecting unfiltered data,
giving security teams all the information they need to: proactively hunt threats,
uncover suspicious behavior, disrupt active attacks, repair damage quickly and
address gaps in defenses. Investigations that often take days or weeks can be
completed in just minutes with Cb ThreatHunter.

Inspired by Cb Response, an EDR market pioneer with more than 2,000 active
customers, Cb ThreatHunter is a brand new product, built from the ground up on the
PSC, offering security teams advanced threat hunting and IR capabilities,
including:

More Powerful Search Fields: Cb ThreatHunter equips security teams with the ability
to flexibly hunt threats, even if an endpoint is offline. With this level of
visibility, researchers can see what happened at every stage of an attack with
intuitive attack-chain visualisations, and uncover advanced threats, while
minimising attacker dwell time. This insight provides immediate answers with
comprehensive behavioral context to stop attacks as quickly as possible.

Enhanced Threat Intel Matching: Cb ThreatHunter’s sophisticated detection combines
custom and cloud-delivered threat intel, automated watchlists and integrations with
the rest of the security stack to efficiently scale hunting across the enterprise.
This advanced level of detection allows security teams to proactively explore
environments for abnormal activity, leverage cloud-delivered threat intelligence and
automate repeat hunts. Additionally, the PSC’s platform extensibility allows
developers to create custom watchlists to power real-time detection and correlate
data across the security stack.

Elastic Cloud Scalability: Cb ThreatHunter is natively built on the PSC, allowing
security teams to rapidly deploy and scale the solution across their enterprise
without investing in (or maintaining) on-premise infrastructure. By eliminating
these costs and processes, Cb ThreatHunter enables teams to simplify their
operations and focus their energy on hunting and responding to threats.

Cb ThreatHunter will be generally available in November 2018.

