Alert Stop Bad Rabbit Ransomware In Its Tracks. Learn more

Unlock Your SOC with Exabeam and Carbon Black

cb+exabeam
JimRaineHS1
May 15, 2018 / Jim Raine

Endpoints are not safe. There I’ve said it. The network boundaries are gone and endpoints are left exposed directly to threats. Just like watching my kids move out of the house and worrying about how they will fare in the world on their own, we have to realize endpoints are no longer protected by those firewalls, intrusion systems, network analytics solutions, and monitoring used to secure our networks. Even the term “our networks” seems out of place. So much of “our network” is now a coffee shop, security seminar, home office, hotel, or airport. The applications we use are hosted in cloud environments not under our control. Our data is stored on shared systems where we purchase a slice of storage space. The hard reality is our endpoints are exposed to millions of new threats and our focus on non-interconnected systems is putting our companies at risk.

Many of us realize the only way to defend ourselves is leveraging interconnected security solutions. No one vendor has all the answers. Seriously I’ll say it again, NO one vendor has all the answers. The only way to provide any chance of securing our networks is when vendors collaborate together, creating integrated solutions allowing proactive security posture that arms skilled teams with the people, processes, and technology to rapidly hunt and detect cyber threats. Speed stops breaches! Interconnected systems like those in the Carbon Black Integration Network, empower the customer beyond a simple security stack, increasing triage efficiency by clearing out the noise to rapidly respond.

The partnership between Exabeam and Carbon Black allows customers to ingest valuable endpoint data into Exabeam’s platform for behavioral analysis. This holistic analysis combines Carbon Black data with that of other security solutions in a customer environment for the purpose of detecting complex attacks from insider threats and lateral movement. Additionally, Exabeam can trigger automated incident response of detected threats using Carbon Black’s Open APIs. The integration of Carbon Black and Exabeam provides additional value to joint customers in terms of increased detection of advanced threats and lateral movement, as well as reduced incident response times; all while utilizing their existing security investments.

A proactive approach to security will ensure that every new attack serves as an opportunity to harden your defenses. Each time you uncover a new threat or vulnerability in your environment, you’ve stumbled on a chance to automate that hunt in the future to ensure that your time is always spent taking action on the latest intel, not manually repeating last month’s hunts every day.

Let’s choose to protect “our networks”. Are you IN? #CbIN

TAGS: CbIN / Integration Network / SOC