Excerpts from Risk & Response: Defending Financial Institutions with Cb Response

Carbon Black Case Study
Rick McElroy and Chris Prall
February 9, 2018

Carbon Black recently published a guide on combating the most advanced threats that financial institutions face today using the market-leading endpoint detection and response solution, Cb Response. For more information on securing large-scale financial enterprises, including how to eliminate the “response gap,” check out Risk & Response: Defending Financial Institutions with Cb Response.


The Weakest Link

The rapid shift in workforce mobility means that traditional measures to bolster the perimeter security of corporate networks are ineffective when an executive mistakenly clicks a link in a phishing email from the perceived safety of a coffee shop, potentially thousands of miles away from the company’s corporate headquarters. Cyber warfare is now waged by sophisticated actors and highly organized nation-states, and it begins on the endpoint. Yet most security solutions collect information about endpoint activity only selectively, with little regard for the full context incident responders will need after an incident has occurred. Without a clear picture of activity across the enterprise, financial institutions will never be able to fully understand a cyberattack in the context of the complete attack chain, and so cannot effectively close security gaps and harden their defenses for the next one.

Maintaining Compliance

Domain / Cb Response

1. Cyber Risk Management and Oversight

Change Management
Ensure a state of continuous compliance with the ability to prove that security controls are in place and work effectively, detecting any change in your environment via file integrity monitoring.

Advanced or Automated Analytics
Cb Response offers real-time threat detection and response made possible by the Cb Predictive Security Cloud, which aggregates real-time threat data across the most advanced attacks. This provides instant insight into risk rankings of files, software versions, and publishers.

2. Threat Intelligence and Collaboration

Monitor and Analyze Systems and Threats
The Cb Predictive Security Cloud is a comprehensive, aggregated advanced threat intelligence platform that combines leading software reputation, threat indicator, and attack classification services to provide some of the industry’s most powerful, correlated and accurate threat insight. Together, Cb Response and the Cb Predictive Security Cloud enable security operations and incident response professionals to define trust policies for multiple forms of advanced threat prevention, build custom detection events tailored to specific business requirements, accelerate investigations during a response, and proactively hunt for threats.

3. Cybersecurity Controls

Prevent, Detect and Respond
Cb Response provides real-time visibility, detection, and response in the face of advanced persistent threats and zero-day attacks. It allows security professionals to understand the root cause of an attack and immediately take steps to remediate and respond. The responder can isolate a particular endpoint from the rest of the environment to prevent further damage, but maintain the connection to the Cb Response console to enable a detailed investigation into the incident.

4. External Dependency Management

Segmentation and Third-party Security
Using Cb Response, incident responders can contain active intrusions instantly with one click by remotely isolating one or multiple endpoints from communicating with the network. By maintaining an active connection with Cb Response, even while isolated, IR teams can perform more conclusive and surgical investigations on or off the network.

5. Cyber Incident Management and Resilience

Incident Detection, Response, Mitigation and Reporting
Cb Response provides live response for endpoint threat inspection, termination and remediation, allowing staff to understand the current state of an endpoint, perform remote live investigations, intervene with ongoing attacks, and instantly remediate endpoint threats. This enables incident responders to “see” and “touch” endpoints to take immediate action during an investigation — even while the endpoint remains isolated from the rest of the network. Cb Response provides detailed alert notifications via its dashboard and via email, as well as detailed reporting.

For security professionals in the finance industry, settling for anything less than full visibility should never be an option. Cb Response enables security teams to see not only what’s happening today, but yesterday, last week, and beyond, allowing analysts to easily hunt through time to quickly close security gaps.

If you want to learn more about how our customers are able to innovate and remain protected against today’s threats, we encourage you to experience Cb Response for yourself and request a demo.



TAGS: Cb Response / finance / security operations