Why The Unfiltered Data Approach Is So Different
Carbon Black has solved some very difficult security-related data and analytics problems that make our platform unique and differentiated, both today and for the longer term. It all starts with unfiltered endpoint data — or the centralized recording of endpoint activity without filtering anything out. Unfiltered data is essentially the digital equivalent of a surveillance camera for your endpoint.
This unfiltered approach is very different than our endpoint competition, which collects a filtered data set. Other vendors only collect data when they know something is bad, or when they think something is bad. Carbon Black, however, collects everything because attackers intentionally “look normal” in order to hide their attacks.
High-Volume Data Shaping From Endpoint To Cloud
The high volume of data produced by a typical endpoint, without purpose-built technology, consumes too much network bandwidth and costs too much to store and analyze. Carbon Black has invested heavily in proprietary data shaping technologies that allow us to overcome the data pipeline challenge and deliver high-volume endpoint data to the cloud for analysis.
Real-Time Threat Analysis Based on Activity
In order to realize the full potential of this unfiltered endpoint data set, we had to leverage streaming analytics in order to look at behaviors over time. Our real time analytic capabilities are based on event stream processing, the same technology that has transformed many other industries such as credit card fraud detection. Carbon Black is the first to bring event stream processing to endpoint security.