The firm said the product is designed to help struggling security teams detect and respond to nefarious endpoint activity and data breaches through what it calls Live Response. When faced with an active attack, security teams can isolate an endpoint with one click and intervene to kill any running process.
According to Bit9 + Carbon Black, security teams are currently struggling to manage and prioritise alerts, with many suffering from a lack of visibility. The company's VP of Product Management, Brian Hazzard, says that this is opening organisations up to great risk, as "currently, responders spend hours, days, weeks or even longer just collecting the data necessary to fully enable their response."
Many breaches can also go undetected for months or even years, an issue that Bit9 + Carbon Black claims the new product can dramatically improve upon.
Carbon Black 5.0 is designed to help organisations prepare for a breach by continuously recording endpoint activities, allowing them to play back and track the 'kill chain' of what actions a hacker has executed. In addition, the product provides rapid response to incidents by instantly isolating endpoint threats, terminating attacks, and remediating endpoints. The company claims these new capabilities rapidly reduce the time to detect, terminate and remediate cyber-attacks.
Charles Kolodgy, research vice president - Secure Products for IDC, said, "The endpoint security market is crowded with vendors that offer detection and analysis or containment and eradication capabilities. What is missing is a solution that offers a combination of continuous recording of the endpoint state, malicious activity discovery, attack termination by killing processes, and immediate remediation. Carbon Black 5.0 is offering this combination of features."