Cb Connect 2018 | Power of You | Register Now


Archive: The Converged Endpoint – Punch Above Your Weight

The Converged Endpoint - Punch Above Your Weight
February 10, 2016 / Paul Morville

(Editor’s Note: On July 19, 2016 Carbon Black announced its acquisition of Confer. The enclosed blog was originally posted on Confer’s website on February 10, 2016.)

It might have something to do with the U.S. presidential race, but there’s been a lot of talk lately about the shrinking middle class in America. I’ll leave that to the politicians, but in the IT security world, there certainly is a huge gap today between the security capabilities of super-rich organizations and those of the IT middle class. It doesn’t have to be that way.

As the first vendor to offer “converged endpoint security”, Cb Defense allows organizations to punch above their weight−protecting endpoints, servers and cloud workloads by leveraging security approaches very similar to those used by the best-funded IT organizations.

Before continuing, let me put some things in context. Today it’s almost a cliché for security professionals to claim that we’re “losing the war”, meaning we aren’t getting better at InfoSec or we can’t stay ahead of rapidly evolving attacks and attackers. But that’s not necessarily true for everyone.

Currently, the largest organizations—such as mega-banks and the military—have the resources to excel at IT security. Sure, they don’t catch everything, but they are definitely getting better in the face of a relentless and well-armed adversary. These behemoths spend up to 30% of the IT budget on infosec, with an annual price tag that can top $300 million. They have the money and expertise to develop and/or integrate innovative security tools in-house. They’re able to block a high percentage of attacks, and they quickly learn from and adapt to the small percentage of attacks that manage to evade their defenses. At Cb Defense, we call this capability Adaptive Security Operations (or Adaptive SecOps.)

Just one tier down from this elite group, it’s a different story. Security might command only 10% of the IT budget; in extreme cases, I’ve seen as little as 1% set aside to protect a multi-billion dollar company. Under these circumstances, security teams are forced to rely on security tools that are outdated, siloed and inefficient. These tools allow too many attacks to get through, are often disruptive to users, and offer no post-incident value. They offer no explanation as to how the attack happened or it’s motivation. There’s little opportunity to learn.

It is with this InfoSec middle class in mind that Cb Defense developed the “Converged Endpoint”, which marries real-time endpoint telemetry, advanced data science and automation to provide prevention, detection and incident response in a lightweight, easy-to-use product that doesn’t require you to hire a new team or invest in lots of training. Cb Defense examines attacks across millions of endpoints, servers and cloud workloads, disrupting most attacks while constantly learning and adapting to new adversarial techniques. In doing so, we’re able to stay ahead of evolving threats.

However, Cb Defense is about more than just blocking attacks. It also empowers security teams to:

  • Automate investigations, identifying the who, what, when, where and how of an attack
  • Reduce the time needed to make decisions and perform triage
  • Reduce the skill sets required for front-line responders.

In short, we approach security in the same way as the best-funded companies on the planet, but we package our solution so “the other 99%” of the broad enterprise market can also leverage the protections of the Converged Endpoint. In turn, organizations can automatically analyze, evolve and eliminate manual processes, reducing the burden on security staff while ensuring security adapts to your business and your constantly changing technology and security landscape.

TAGS: converged endpoint / SecOps