How Live Query Will Change The Way You Do Vulnerability Management
It’s no secret that, without the right set of tools, vulnerability management can be tedious and exhausting. With slow, manual processes it can take weeks to identify and remediate issues. And the work itself is often dull, sifting and searching without yielding real results. Live Query...
3 Cybersecurity Takeaways from Ocean’s 8 (Note: Spoiler Alert!)
I love watching movies. A few days ago, I watched the movie "Ocean's 8" with my wife, and I found this movie was perfect educational material for cyber security experts. Here are my 3 takeaways from the movie: 1. You think you are protected? Think again… Remember in the movie, the hacker "9-ba...
Partner Perspectives: Defense in Depth with Carbon Black and ProtectWise
Ramon Peypoch is the Chief Product Officer for ProtectWise. Navigating the number of enterprise security point products used to defend against today’s threat landscape can be overwhelming. Some sources say the average enterprise uses 75 security products to secure its network. Reducing the number...
Cb Response Named Leader in EDR Space by Forrester
Last quarter, Forrester created a report assessing the state of the EDR market and how vendors stack up against one another. A variety of companies were evaluated in three key areas: The strengths and weaknesses of their current offerings. Forrester cited key criteria to include: alerting...
September 4, 2018 – Morning Cyber Coffee Headlines – “September” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 4, 2018 - Headlines Carbon Black in the News: Carbon Black builds out...
Carbon Black Report: 46% of Incident Response Professionals Experience Counter Incident Response
Quarterly Incident Response Threat Report Executive Summary/Highlights Proactive Incident Response Even as a steady drumbeat of headlines keeps the world’s attention focused on cybercrimes such as ransomware and cryptojacking, in the dark corners of the internet, attackers are busy refining their...
Cb Protection 8.1 Makes Replacing Legacy Antivirus On Critical Systems and Servers Easier Than Ever
Cb Protection has a long history of innovation in the market. Many have referred to Cb Protection as a pioneer in the application control market. Application control, also known as whitelisting, is used to lock down critical systems and servers. It's also one of the strongest forms of protection a...
Partner Perspectives: Creating Your Own Threat Hunting Army
Idan Bellayev is the head of security research for empow. Cyber intelligence is one of the strongest tools that can be used to combat a potential attacker. Accessing the information needed to build cyber intelligence from a reliable source is typically difficult and very expensive - but it doesn’...
Threat Analysis: Recent Attack Technique Leveraging cmd.exe and PowerShell Demonstrates How Attackers Are Using Trusted Microsoft Applications for Malicious Behavior
An attack leveraging cmd.exe and PowerShell was recently investigated by Cb ThreatSight analysts. Our initial investigation discovered that a batch file was executed on the targeted system. This batch file then invoked PowerShell with a base64 encoded command. Decoding the command revealed a seri...
Partner Perspectives: Extend Visibility Without Expanding Your Team
The best partnerships seem destined from the start - Han Solo and Chewbacca, Mario and Luigi - even newer partners, like Groot and Rocket. The best partners combine their strengths to expand the opportunities available to them. This is true of partnerships in cybersecurity (stay with us here). Bett...
Why Should CISOs Care About Live Query?
If you’re a CISO, you are most likely focused on three things: 1. Strong security efficacy 2. Operational efficiency 3. Business enablement To address this, many organizations are adding layers of security tools to their technology stack, putting stress on their security and IT operations teams,...
Cb Customer Spotlight Series: Q&A with Hologic’s Ryan Manni
Being able to influence Carbon Black products through the Cb Defenders Design Partner Program is one of Ryan Manni’s favorite aspects of being a Carbon Black customer. Ryan Manni is the current Manager of Security Operations at Hologic, an innovative medical technology company primarily focused on...
Announcing “Cb Threat Hunters,” Carbon Black’s First Skill-Based Program
Carbon Black is excited to announce “Cb Threat Hunters,” the company’s first skill-based program debuting at Cb Connect 2018. Cb Threat Hunters gives you the opportunity to develop your threat-hunting skills to stay ahead of evolving attacks. With this program, our expert team will arm you with t...
Cb Customer Spotlight Series: How Purdue Federal Credit Union Achieves Critical System Lockdown
Featuring Dee Lucas, Sr. Network Administrator at Purdue Federal Credit Union Leading financial institution, Purdue Federal Credit Union, serves over 71,000 members nationwide. This makes security of the utmost importance for Sr. Network Administrator Dee Lucas who supports Purdue Federal’s SOC...
The Key to EDR You Didn’t Know You Were Missing
It’s no longer enough for companies to simply “keep up” in the world of cybersecurity. To prevent attackers from infiltrating your systems, you need to be one step ahead at all times. It’s no wonder, then, that the majority of companies are spending more on cybersecurity than ever before. While...
Parity Pledge: Carbon Black’s Continued Commitment to Diversity & Inclusion
Carbon Black knows that unique ideas come from unique perspectives, which is why we’ve focused on creating a more diverse and inclusive workplace. Our team has built out initiatives to support our current workforce and continues to seek out new opportunities to attract and hire diverse members to...
10 Endpoint Security Problems Solved by the Cloud – Managing Infrastructure
This week marks our final post in this series. Today we’re going to step away from last week’s topic, getting the help you need, and examine how the cloud eliminates the need to manage infrastructure. On-Prem is Complex and Costly On-premise solutions require a massive amount of resources and fun...
Partner Perspectives: Detect All Devices, Respond to All Threats
Michael Tanji is the Chief Operations Officer for Senrio. The ability to detect and respond to cyber threats in a timely manner is an essential capability of every security-minded enterprise. Endpoint detection and response (EDR) solutions, such as Carbon Black’s Cb Response, are a critical compone...
10 Endpoint Security Problems Solved by the Cloud – Getting The Help You Need
Last week we looked at how the cloud helps you respond quickly to threats. This week, we’re going to examine why the cloud outperforms traditional AV when it comes to getting the help you need. It's You vs. Them Once upon a time, viruses were produced by individual hackers who were more intereste...
What Can Application Control Do For You?
In past blogs, we’ve taken a look at application control and the best practices for successful deployment. Today we’re going to shift gears slightly, and highlight the reasons some companies have chosen this practice. Whitelist With Flexibility It seems counterintuitive to put “whitelisting” and...
Partner Perspectives: Security Orchestration as a Catalyst for Proactive Incident Response
Meny Har is the VP of Product for Siemplify. Benjamin Franklin famously advised the fire-threatened residents of Philadelphia, “An ounce of prevention is worth a pound of cure.” And while being proactive may have been effective for fire prevention, the approach does not translate into the impendi...
Partner Perspectives: Attivo + Carbon Black Integration Delivers Advanced, Continuous Threat Management and Response
Joseph Salazar is the Technical Deception Officer for Attivo Networks. Cyber attackers have repeatedly proven that they can gain access to the networks of even the most security-savvy organizations. Whether the attacker finds their way in through the use of stolen credentials, zero-day...
Carbon Black Announces Cb LiveOps, a New Offering on the Cb Predictive Security Cloud (PSC), Delivering Real-Time Query and Response
Today is another exciting day for Carbon Black! Earlier, we announced the release of Cb LiveOps™ - the newest offering built on our Cb Predictive Security Cloud™ (PSC), a platform delivering complete endpoint prevention, detection, and response, all from a single agent. Cb LiveOps extends core...
August 1, 2018 – Morning Cyber Coffee Headlines – “Care Bears” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 1, 2018 - Headlines Carbon Black in the News: Robbing Banks Isn’t The Sa...
10 Endpoint Security Problems Solved by the Cloud – Responding Quickly To Threats
In this week’s installment of 10 endpoint security problems solved by the cloud, we’re going to step away from last week’s topic, identifying problems, and examine how the cloud helps organizations respond quickly to threats. Speed is Critical Attackers move quickly, and your ability to respond...
Case Study: A Cryptomining Attack — With an Assist From Advanced Malware Techniques
In Carbon Black's Quarterly Incident Response Threat Report (QIRTR), some of the world’s leading incident response (IR) professionals reported seeing an uptick in lateral movement, counter incident response, and island-hopping attacks from motivated nation-states. In the case study below, Kroll notes...
Partner Perspectives: The Target Strikes Back – Predicting the Persistent Attacker
Idan Bellayev is the head of security research for empow. Predicting cyber-attacks has long been an elusive goal in the cyber-security industry. Methods such as Lockheed Martin's Cyber Kill Chain evangelized the idea that staying one step ahead of your adversary is the way to defeat advanced,...
10 Endpoint Security Problems Solved by the Cloud – Identifying Problems
Last week we looked at how the cloud keeps your endpoints from becoming sluggish and pointed out why it is uniquely positioned to predict new threats. This week, we’re going to examine why the cloud outperforms traditional antivirus when it comes to identifying problems. Can't Fix What You Can't...
Carbon Black Report: 35% of IR Pros See Espionage as Primary Motive for Attackers
Fraught Geopolitical Tensions Play Out in Cyberspace In an effort to gauge the current attack landscape and to quantify the latest attack trends seen by leading IR firms, Carbon Black has introduced its Quarterly Incident Response Threat Report (QIRTR). This report aggregates both qualitative and...
The First Step to Deploying Application Control
Application Control remains one of the best techniques for blocking the vast majority of malware threats; however, implementation often falters due to poor planning. Gartner How to Successfully Deploy Application Control Is Whitelisting Worth It? When it comes to preventing new attacks,...
Iron Rain: Cybersecurity Is an Ever-Changing Battlefield
Editor's Note: This is the final blog in a three-part series, "Iron Rain" from Tom Kellermann and Rick McElroy. Part 1: Iron Rain: What Defines a Cyber Insurgency? Part 2: Iron Rain: Gaining Situational Intelligence to Make Rapid Decisions Part 3: The ever-changing battlefield. Just like in comba...
Partner Perspectives: How Axonius and Carbon Black Make Seeing and Securing All Assets Radically Simple
Back in the 1990s, visibility and security were much easier. In the workplace, users connected their laptops and desktops to a network through a cable. Asset inventory was as simple as walking from cubicle to cubicle or entering specs into a spreadsheet. And then, of course, things became much mo...
Carbon Black Report: China, Russia & North Korea Launching Sophisticated, Espionage-Focused Cyberattacks
Even as a steady drumbeat of headlines keeps the world’s attention focused on cybercrimes, such as ransomware and cryptojacking, in the dark corners of the internet, attackers are busy refining their craft. According to the world’s top incident response (IR) professionals, cyberattackers are honing...
Iron Rain: Gaining Situational Intelligence to Make Rapid Decisions
In our previous article we introduced the idea of cyber insurgency and irregular warfare. Building on effective techniques from the Marine Corps, we now want to discuss combating the threat. COUNTERINSURGENT FORCES MUST UNDERSTAND THE ENVIRONMENT As destructive attacks surge, integrity attacks...
10 Endpoint Security Problems Solved by the Cloud – Slowing Down Endpoints
This week we will continue our investigation into the top 10 endpoint security problems the cloud solves. Our blog today moves on from the last dilemma we discussed, securing remote workers, and examines the issue of slowing down endpoints. Legacy AV Slows Down Endpoints Traditional AV is as...
Iron Rain: What Defines a Cyber Insurgency?
“A fool pulls the leaves. A brute chops the trunk. A sage digs the roots.” - Pierce Brown The western world is currently grappling with a cyber insurgency. The widespread adoption of the “kill-chain” coupled with the use of memory resident malware has fueled the cyber-attack wild fire. The securi...
Cb Customer Spotlight Series: Q & A with Project Worldwide’s Thomas Munson
Every day, Carbon Black customers are working together to keep their organizations safe from cyber attacks. To share the knowledge our customers have with the greater security community, we are excited to announce the launch of the Cb Customer Spotlight Series. The Cb Customer Spotlight Series...
10 Endpoint Security Problems Solved by the Cloud – Securing Remote Workers
In last week’s post, we talked about how the cloud solves the problem of managing multiple agents. In this week’s blog, we’re going to look at a security challenge that almost every company faces: Securing Remote Workers. Remote Workers Are A Security Risk Advances in technology are creating...
Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Carbon Black
Lenny Zeltser is a VP of Products at Minerva Labs, as well as an author and instructor at SANS Institute. Despite their efforts to prevent intrusions, enterprises can still face large-scale compromises. When organizations discover numerous endpoints infected with malicious code, how can responder...
What’s The Deal with Application Control?
Enterprise use of application control, on at least some PCs, will increase from 30% in 2017 to over 50% by 2022. It’s no secret that application control is one of the most effective ways to ensure the privacy and security of data. By allowing only preapproved files to run, application control has...
Carbon Black TAU Threat Analysis: Recent Dharma Ransomware Highlights Attackers’ Continued Use of Open-Source Tools
In June of 2018, an organization contacted the Carbon Black Threat Analysis Unit (TAU) about a ransomware attack they were currently investigating. TAU team members worked with the firm investigating the incident. After the initial analysis was completed, it became apparent that this network had be...
SC Media Awards Cb Defense, Cb ThreatSight 5 Out of 5 Stars
"During testing, Cb Defense performed as a top-quality endpoint security program…Great intuitive cloud platform with an armament of modern security technologies with a quick implementation into your business environment." - SC Media "Carbon Black also offers Cb ThreatSight as an add-on, which is...
Excerpts from Modern Bank Heists – Data Gathering
Carbon Black recently published a report on how to gather data to improve the security posture of your enterprise. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo...
Partner Perspectives: Revealing the Future – Carbon Black and the Predictive Security Cloud (PSC)
Editor's Note: This blog and accompanying image originally appeared on LinkedIn Pulse and are being republished with permission from the author. I was recently given the privilege of attending a conference at Langkawi Island in Malaysia: the Carbon Black conference hosted at Berjaya Resort. The...
10 Endpoint Security Problems Solved by the Cloud – Managing Multiple Agents
So far in this blog series, we’ve discussed the state of endpoint security, and the challenges of keeping systems up to date and integrating multiple products. This installment will take a look at how the cloud solves our third challenge: managing multiple agents. Too Much To Keep Track Of A good...
Medibank Private Finds the Cure for Ransomware with Carbon Black
Editor's Note: A form of this article originally appeared on CSO.com. Like most large businesses, health insurer Medibank Private was regularly experiencing a few of what CISO Stuart Harrison calls “significant incidents” every month. Its predominantly antivirus-based security defences were missi...
Excerpts from Modern Bank Heists – Nation State Threats
Carbon Black recently published a report on the latest non-malware attack methods, and how to counteract them. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo,...
Why VPNFilter is like a Moonlight Maze
On May 25, the FBI issued a public service announcement asking every Internet-ready American to reboot their routers. The PSA specifically warned small and home office owners that they are particularly vulnerable to “foreign cyber actors” (A.K.A. spies) that are using malware called VPNFilter to...
Cb ThreatSight Investigation Reveals RETADUP Worm Leverages AutoIt to Launch Monero Cryptomining Campaign
While monitoring a customer’s environment, the Carbon Black ThreatSight team discovered a series of unusual alerts. Further investigation of the suspect processes revealed these alerts were related to an attacker leveraging the open-source Monero framework to launch a crypto-mining campaign. Afte...
10 Endpoint Security Problems Solved by the Cloud – Integrating Security Products
This blog is the third in the series: 10 Endpoint Security Problems Solved by the Cloud. Last week we investigated how cloud-based security solutions are able to keep software up to date. This week we’re tackling problem 2: Integrating security products. Your Systems Are Siloed Cybersecurity isn’...