Technology Alliance Partners

Back Home

The Carbon Black Connect Partner Program supports vendor interoperability to help customers build next-generation security infrastructures. Leveraging our Open APIs, Carbon Black has partnered with industry leaders to create integrated solutions that provide end-to-end protection against advanced threats.

As a member of the Carbon Black Connect program, partners can submit their products to Carbon Black for certification and promote interoperability across security solutions.

Partner with Us
If you are interested in becoming a Carbon Black Connect partner, please contact us at

Technology Alliance Partner Listing

Alien Vault

AlienVault’s mission is to enable organizations with limited resources to accelerate and simplify their ability to detect and respond to the growing landscape of cyber threats. Powered by threat intelligence from AlienVault Labs and the AlienVault Open Threat Exchange—the world’s largest crowd‐sourced threat intelligence network — AlienVault USM delivers a unified, simple and affordable solution for threat detection, incident response and compliance management. For more information, visit:


Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.

To learn more, visit

Attivo Networks

Attivo Networks® is the leader in deception for cybersecurity defense, providing real-time detection and forensic analysis of in-network threats and solutions for continuous threat management and incident response. The Attivo ThreatMatrix Deception Platform detects stolen credentials, ransomware, man-in-the-middle, and targeted attacks within user networks, data centers, clouds, SCADA, and IoT environments by deceiving an attacker into revealing themselves. Comprehensive attack analysis, actionable alerts, and 3rd party integrations empower accelerated incident response and staff resource efficiency. 

Find out more at

Blue Coat Systems

Blue Coat is a leader in enterprise security, providing on-premise, hybrid and cloud-based solutions for protecting web connectivity, combating advanced threats and responding to security breaches. Blue Coat is the global market leader in securing connection to the web and counts nearly 80 percent of the Global Fortune 500 as its customers. For more information, please visit

BrightPoint Security

BrightPoint Security provides a Threat Intelligence Platform that automates the process of collecting, analyzing, correlating and securely sharing structured and unstructured machine‐readable information on current and emerging cyber threats. The BrightPoint Sentinel Platform dramatically increases operational efficiency by reducing the time it takes enterprises to identify and remediate security threats. BrightPoint enables secure and anonymous sharing and ensures control and protection of threat data. BrightPoint reduces discovery time, remediation time, and overall risk to cyber‐threats. For more information, visit:

Check Point

Check Point Software Technologies is the largest pure‐play security vendor globally, provides industry‐leading solutions, and protects customers from cyberattacks with an unmatched catch rate of malware and other types of attacks. Check Point offers a complete security architecture defending enterprises’ networks to mobile devices, in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes. For more information, please visit

Click Security

Click Security provides automated security response to amplify your people, processes, and technology with analytical intelligence that rapidly detects, investigates, and resolves advanced cyber threats. For more information, please visit


Corvil safeguards business in a digital world. Corvil Security Analytics is the most granular real-time network threat detection and forensics platform available. All attacks traverse the network at some point. Corvil identifies malicious activity as it is happening and provides organizations with unequaled visibility and context to detect threats faster, to respond faster, and to streamline forensic investigations. Every packet, every microsecond – live and retrospective.

For more information visit:


The Cyphort Advanced Threat Defense Platform detects advanced malware, prioritizes remediation and automates containment. Cyphort customers benefit from early and reliable detection and fast remediation of breaches across their infrastructure. Cyphorts’ unique approach combines best‐in‐class malware detection with the knowledge of threat severity, value of targeted user and assets, and malware lifecycle to prioritize threats that matter to you while suppressing the noise. For more information, please visit


Damballa is a network security monitoring system that provides evidence of threat‐related activity needed to prevent data theft. They discover criminal operators that have already bypassed perimeter defenses and pose a business risk. Their automated system works in real‐time and over time regardless of the attack vector, device type or OS. Attackers may take time to reveal themselves and when they do, Damballa will expose them and initiate mitigation. Damballa’s patented solutions leverage Big Data from one‐third of the world’s Internet traffic, combined with machine learning, to automatically discover and terminate criminal activity, stop data theft, minimize business disruption, and reduce the time to response and remediation. For more information, visit:


Demisto helps Security Operations Centers scale their human resources, improve incident response times, and capture evidence while working to solve problems collaboratively. Demisto Enterprise is the first comprehensive, Bot-powered Security ChatOps Platform to combine intelligent automation with collaboration. Demisto’s intelligent automation is powered by DBot which works with teams to automate playbooks, correlate artifacts, enable information sharing and auto document the entire incident lifecycle. Demisto is backed by Accel and has offices in Silicon Valley and Tel Aviv.  For more information visit


Exabeam is a user behavior analytics solution that leverages existing log data to quickly detect modern cyber attacks, prioritize security incidents, and accelerate effective response. Exabeam’s Stateful User Tracking automatically creates a complete timeline of every event and anomaly tied to an attack ‐‐ across devices, IP addresses, and credentials and uses that timeline to assess risk and automate many tasks of incident response. As a result, Exabeam not only improves security, but also transforms SOC efficiency and productivity. By operating on existing data and requiring no agents or network taps, Exabeam delivers value within hours, not weeks. For more information, please visit

Facebook ThreatExchange

Learn about threats. Share threat information back. Everyone gets more secure. The Facebook ThreatExchange platform enables participating organizations to share threat data using a convenient, structured, and easy‐to‐use API that provides privacy controls to enable sharing with only desired groups. For more information and apply to join, visit:‐exchange


Fortinet (NASDAQ: FTNT) protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. They are strengthened by the industry’s highest level of threat research, intelligence and analytics. More than 210,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands.

HP ArcSight

The HP ArcSight Security Intelligence platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure-including external threats such as malware and hackers, internal threats such as data breaches and fraud, risks from application flaws and configuration changes, and compliance pressures from failed audits. This solution enables you to collect, analyze, and assess IT security, enterprise security and non-security events for rapid identification, prioritization and response.

IBM Security Security

IBM’s security platform provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world’s broadest security research and development, and delivery organizations. For more information, please visit, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog. 


Infoblox delivers network control solutions, the fundamental technology that connects end users, devices, and networks. These solutions enable more than 8,100 enterprises and service providers to transform, secure, and scale complex networks. Infoblox helps take the burden of complex network control out of human hands, reduce costs, and increase security, accuracy, and uptime. Infoblox is headquartered in Santa Clara, California, and has operations in over 25 countries. For more information, visit

iSIGHT Partners

Since 2007, iSIGHT Partners has been recognized as the leader in cyber threat intelligence. Through its established intelligence team made up of over 190 different experts in 16 different countries, the iSIGHT Partners team focuses exclusively on analyzing and understanding the global threat ecosystem, to include threat sources and the methodologies they employ, and partners with its customers’ security and intelligence operations to empower an intelligence-led security strategy that connects intelligence directly to their business.


The Lastline Breach Detection Platform provides comprehensive detection of advanced and evasive threats across your entire enterprise — Operating systems (Windows, Mac OS X, and Android), physical and virtual hosts, services, users, network infrastructure and Web, email, file, and mobile applications. The culmination of more than ten years of R&D specifically focused on advanced and evasive breach weaponry and tactics, Lastline’s flexible software‐based platform allows organizations to scale their breach defenses on a predictable basis, from a single location to any number of remote, branch, and mobile offices. For more information, please visit


LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s award-winning platform unifies next-generation SIEM, log management, network and endpoint forensics, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides innovative compliance automation and assurance, and enhanced IT intelligence. For more information, please visit


Today’s large enterprises function in an ever-expanding IP space where it can be difficult to have a handle on every network connection, host, and active IP on the network. Because of the constant state of change, the exponentially growing number of connected devices in the enterprise can fall outside of the watchful eye of security management where serious threats can emerge.


Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices and solutions that help people and businesses realize their full potential.

Palo Alto Networks

Palo Alto Networks is the next‐generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game‐changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization’s most valuable assets. For more information, please visit


Phantom, an award-winning company, automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger, Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform.

For more information visit:


ProtectWise Grid captures high fidelity network traffic, creates a lasting memory for the network, and delivers real time and retrospective alerting and analysis in a rich, innovative visualizer. By harnessing the power of the cloud, The ProtectWise rovides an integrated solution with complete detection and visibility of enterprise threats and accelerated incident response.

For more information, visit

Red Hat

Red Hat is the world’s leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As a connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT.


RSA Security Analytics offers an enterprise software framework that captures all network traffic and reconstructs the network sessions to the application layer for automated alerting and monitoring, and interactive analysis and review. By having all this information immediately accessible, customers have the agility to respond to emerging threats and forensics investigations, identify broken business processes, mitigate intentional data exfiltration and confront tomorrow’s challenges. For more information, please visit

Splunk Enterprise

Splunk Enterprise is the industry‐leading platform for machine data. Splunk Enterprise provides an easy, fast and secure way to analyze the massive streams of machine data generated by your IT systems and technology infrastructure—whether it’s physical, virtual or in the cloud. Use Splunk Enterprise to troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end‐to‐end infrastructure to avoid service degradation or outages. Gain operational intelligence with real‐time visibility and critical insights into customer experience, transactions and other key business metrics. Splunk Enterprise makes your machine data accessible, usable and valuable across the organization. For more information please visit


Sqrrl is the security analytics company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading threat detection and response platform unites threat hunting, behavioral analytics, and incident investigation capabilities in an integrated solution. Sqrrl’s unique platform approach enables security analysts to discover threats faster and reduces the time and resources required to investigate them.

For more information visit

Threat Connect

ThreatConnect, Inc. is the leading provider of advanced threat intelligence products and services including ThreatConnect, the most comprehensive Threat Intelligence Platform (TIP) on the market. ThreatConnect delivers a single platform in the cloud and on‐premises to effectively aggregate, analyze, and act to counter sophisticated cyber‐attacks. Leveraging advanced analytics capabilities ThreatConnect offers a superior understanding of relevant cyber threats to business operations. To register for a free ThreatConnect account, or to learn more about our products and services, visit:


ThreatQuotient provides ThreatQ, a Threat Intelligence Platform (TIP) that automates, manages, and operationalizes critical threat intelligence, enabling security teams to collaborate and make more informed decisions regarding their security posture. ThreatQ is a cornerstone platform for threat intelligence providing security teams with much‐needed contextual information regarding indicators of compromise (IOC), attack tracking and adversary activity. ThreatQ enables cyber security teams to be smarter, quicker and respond faster to adversary activity in minutes, not hours or weeks. For more information, visit:


Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

Toshiba Commerce

Toshiba Global Commerce Solutions is retail’s first choice for integrated in‐store solutions. The leading supplier of point‐of‐sale systems with a worldwide install base larger than any three major competitors combined, Toshiba is committed to delivering innovative commerce solutions that transform checkout, provide seamless consumer interactions and optimize retail operations. Toshiba, along with our global team of dedicated business partners, provides end‐to‐end solutions, service and support that help clients meet virtually any retail technology need. For more information, visit

Vectra Networks

Vectra Networks is the leader in real-time detection of in-progress cyber attacks. The company’s automated threat management solution continuously monitors internal network traffic to pinpoint cyber attacks as they happen. It then automatically correlates threats against hosts that are under attack and provides unique context about what attackers are doing so organizations can quickly prevent or mitigate loss. Vectra prioritizes attacks that pose the greatest business risk, enabling organizations to make rapid decisions on where to focus time and resources. Visit us at

Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Wombat’s training solutions help Fortune 1000 and Global 2000 reduce successful phishing attacks and malware infections. For more information visit