Alert Stop Bad Rabbit Ransomware In Its Tracks. Learn more

VIDEO: Unfiltered Endpoint Data – Tilting The Advantage Back To The Defenders

Adapting Your Defenses to the Attack – The Next Generation of Endpoint Protection (IBM and Cb)
bg-profile-pic
February 8, 2018 / Brian Gladstein

Carbon Black recently produced a free, three-part video series on the origin of unfiltered endpoint data. To hear more from CTO and Co-Founder Mike Viscuso, check out the full Origins of Unfiltered Data video series.


Mike Viscuso founded Carbon Black following a 10-year career in offensive security for the NSA and CIA. Carbon Black was Mike’s first time on the defensive side of cybersecurity. He came to the job with more than just a mastery of the tools and techniques used by attackers; Mike brought a state of mind to defensive security that was distinct.

THINKING LIKE AN ATTACKER

Attackers are like treasure hunters. They are incredibly diligent and relentlessly tenacious. They patiently investigate their targets, gathering every shred of information they can get their hands on to find the weaknesses they can exploit.

It’s that deep attention to detail, amplified by sophisticated tools, which make the best attackers so good at what they do. And Mike, now a defender, was expecting to see the same patterns on the defensive side.

However, after nine months of responding to incidents with the limited tools available to him, Mike sat down and asked his team one question, “Is this it?”

THE SOLUTION IS IN THE DATA

The tools available to defenders were simply never going to catch a guy like Mike, let alone the increasingly sophisticated threats organizations were facing in the years to come. There wasn’t enough information for a defender to adequately do their job.

It was on this principle that Carbon Black was founded: a “surveillance camera” for the endpoint that collects unfiltered data and continuously stores it in a centralized location where defenders can rewind the tape at any time to see what happened.

The key to making this work was to capture activity at the endpoint and centralize it without filtering anything out; in other words, UNFILTERED DATA. Many endpoint security solutions on the market filter out endpoint data that is regarded as unrelated to a threat — but that’s exactly how attackers hide their new techniques. They rely on the inability for defenders to see new patterns.

However, when you capture unfiltered data from the endpoint, you can see these new techniques. You can predict new threats. You can detect and stop new attacks. You can see the patterns others are missing, share them, and the attackers cannot reliably use those techniques again.

Unfiltered data is how we tilt the advantage back to the defender. Hear Mike’s own words here.


Carbon Black recently produced a free, three-part video series on the origin of unfiltered endpoint data. To hear more from CTO and Co-Founder Mike Viscuso, check out the full Origins of Unfiltered Data video series.

Watch the Full Series

TAGS: Mike Viscuso / Predictive Security Cloud / unfiltered data / visibility