Cb Connect 2018 | Power of You | Register Now


Yes, We’re Saying “Stop All Attacks.” Here’s Why.

February 14, 2017 / Michael Viscuso

The number of cybersecurity billboards and signs between SFO and the entrance to the Moscone Center at RSA are enough to cover the entire square footage of Northern California.

“Machine Learning”

“Artificial Intelligence”

“Redefining Next-Gen”

“Stop All Attacks”


You’re not allowed to say “Stop ALL Attacks” in cybersecurity!

This week at RSA (and beyond) Carbon Black is telling you to “Replace AV” and “Stop All Attacks.” It’s a bold statement and many of you have noticed. (Thank you for the text messages and emails, by the way.)

Everyone in security knows there is no silver bullet. That’s why saying “Stop All Attacks” raises eyebrows. I’ll be the first to tell you that no single product can prevent all cyberattacks all the time.

If you work in security, though, that’s precisely what you’re being asked to do.

You are not being asked to stop “some” attacks or “the most attacks that you can.”

You are being asked to “stop all attacks.” Especially since it takes just one attack to lead to a crippling data breach.

When we say “Stop All Attacks,” it’s for two reasons:

  1. We want you to take pause and reconsider what constitutes an attack. Attacks are not just about malware anymore. Attacks are increasingly leveraging non-malware tactics. In fact, non-malware attacks accounted for 53% of breaches in 2016. To defend your organization, you need to be able to stop all forms of attacks, not just malware.

  2. We’re confident that Carbon Black empowers your team with the best technology on the market to prevent, detect and response to all forms of attacks, including non-malware attacks.

In saying “Stop All Attacks,” we’re intentionally forcing you to look at attacks as more than just malware and then empowering your team to stop attacks in a number of ways:

  1. Cb Defense’s Streaming Prevention on Endpoints – Cb Defense, our NGAV, uses streaming prevention to prevent both malware and non-malware attacks in real time. In contrast to legacy AV and machine-learning AV, streaming prevention monitors more than just files. It looks for the activity of applications and services, including communications among processes, inbound and outbound network traffic, unauthorized requests to run applications, and changes to credentials or permission levels. When a cluster of malicious behaviors indicate an attack, Cb Defense shuts it down immediately.

  2. Cb Defense’s Converged Detection and Response – In security, prevention is not always enough. By leveraging event stream processing, Cb Defense combines prevention, detection and response into a single, lightweight, solution. Many competing solutions attempt to provide prevention, detection and response into a single product, but utilize separate models for all three facets. Since Carbon Black’s detection engine is built on the same technology as our prevention and response engines, the flow among prevention, detection and response is seamless, empowering organizations to capture all endpoint activity, hunt threats in real time and find the root cause of attacks.

  3. Unmatched visibility and integrated defenses – To be truly effective, endpoint security must give you the visibility to see everything that’s occurring on your enterprise. This way, if prevention does fail, you are able to see quite clearly what an attack is attempting to do and stop it well before it can cause any damage. Your endpoint security solution should also fit into a larger security ecosystem. If you have world-class analytics, you should be able to leverage them. With Carbon Black, you can. If you have another security technology that you’d like to couple with Carbon Black, you can do that too. Carbon Black empowers you to customize and shape your environment by integrating with other technologies right out of the box.

  4. Critical Systems Lockdown – for an additional layer of defense, Cb Protection enables security teams to lockdown their critical systems. Cb Protection is proven to be the strongest form of prevention on the market, blocking 100% of attacks in the latest Advanced Endpoint Protection (AEP) test from NSS Labs.

At RSA (and beyond), we’re confidently saying “Stop All Attacks,” not because we think our product can literally stop every cyberattack on Earth but because we empathize with your position and can empower you to do better.

In your job, you are being asked to “Stop All Attacks.” We believe that by giving you the ability to prevent, detect and respond to both malware and non-malware attacks, Carbon Black is putting you in the best position possible to do just that.

TAGS: Carbon Black / NGAV / rsa / Stop All Attacks