|
|
|
|
|
Bit9 + Carbon Black Integrates with Microsoft Products to Secure Enterprise Endpoints
Published Feb 26, 2015
|
Bit9® + Carbon Black®, the leader in endpoint threat prevention, detection and response, today announced it is working with Microsoft (Nasdaq “MSFT”) to secure enterprise endpoints. This collaboration—the first advanced threat protection platform to integrate with Microsoft anti-malware and exploit prevention tools—will deliver solutions that strengthen security while decreasing the total cost of advanced threat and malware protection across endpoints in both large and small enterprises.
Organizations today need to defend themselves against known malware as well as the advanced threats and targeted attacks unleashed by nation-state actors and cyber criminals to breach enterprises and steal valuable information. As a result, companies worldwide are re-evaluating their endpoint security architecture and investment strategies.
The integration of Bit9 + Carbon Black’s next-generation endpoint threat prevention, detection, and response solution with Microsoft’s System Center 2012 Endpoint Protection (SCEP) anti-malware solution and Enhanced Mitigation Experience Toolkit (EMET) will address the full spectrum of endpoint protection. Because Microsoft customers with System Center Configuration Manager and Enterprise client access license agreements can leverage SCEP and EMET at no additional cost, combining those tools with the Bit9 + Carbon Black solution in a multi-layered, integrated solution enables organizations to arm their endpoints against all forms of malware more effectively and economically than buying multiple antivirus, anti-exploit, and advanced threat endpoint protection products and hoping they work effectively together.
When deployed, Bit9 + Carbon Black with Microsoft SCEP and EMET will deliver a defense-in-depth endpoint security architecture unlike any other available today, with each product satisfying an important and specific requirement:
· Microsoft SCEP: Detection and prevention against known malware.
· Microsoft EMET: Protection against exploit-based attacks for select, critical applications.
· Bit9 Security Platform: Policy-based endpoint system hardening and protection against unknown malware and advanced threats.
· Carbon Black: Continuous endpoint monitoring and recording of endpoint activity for real-time attack detection, response and remediation.
These integrated and complementary capabilities enable numerous automated and streamlined threat prevention workflows. For example, when Microsoft SCEP detects malware or Microsoft EMET blocks an exploit they send their alerts to the Bit9 + Carbon Black solution, which correlates the alerts with the collective intelligence gained from its enterprise-wide DVR-like endpoint recording and its Threat Intelligence Cloud. This layered intelligence now shows security personnel exactly what transpired on the endpoint—before and after the alert—revealing key aspects of the attack vectors and answering questions such as:
· Which machine and user was initially targeted?
· How long has the malware been in the organization?
· What did the malware do before and after the attack?
· How many other machines are now affected?
· Which applications are being exploited?
· How do I clean up my environment?
Security operators can use this contextual information to prioritize response actions, improve and accelerate investigation, globally prevent the malware from executing on every machine in the enterprise, and accelerate remediation.
“Microsoft SCEP and EMET are rapidly gaining adoption in small and large enterprises because of their efficacy and the high ROI that most businesses can achieve because they often have no incremental cost,” said Brian Hazzard, vice president of technical alliances for Bit9 + Carbon Black. “We’re building on that expansion by integrating our next-generation endpoint protection platform with Microsoft’s products so organizations can have a multi-layered endpoint protection strategy with an unbeatable total cost of ownership.”
These integrations will be available in the second quarter of 2015.
Analyst Quote: David Monahan, research director, Security and Risk Management for Enterprise Management Associates
"Both Microsoft and Bit9 + Carbon Black understand that the endpoint, desktop, or server is the final frontier. To get to the data, attackers need to get a foothold on an endpoint because that is both where the users access data from and/or store it. By containing endpoint threats at the moment of execution, Bit9 + Carbon Black and Microsoft are eliminating the ability of malware to spread or data to be exfiltrated. Responders can now perform a laser-focused investigation on the endpoint(s) in seconds, while the scope is still very small, limiting damage and potential data loss.”
Analyst Quote: Jon Oltsik, senior principal analyst for Enterprise Strategy Group
“There was talk last year about antivirus being ‘dead.’ AV is not dead, but enterprise organizations are creating a defense-in-depth endpoint security architecture, adding additional prevention, detection and response capabilities to traditional AV. This may be one reason why recent Enterprise Strategy Group research found that 57 percent of enterprises are apt to replace some commercial AV with freeware and then spend traditional AV dollars on other endpoint security technologies. The integration of Microsoft security tools and Bit9 + Carbon Black’s next-generation security solution aligns with this emerging trend, making it a reality.”
Posted by
VMD - [Virtual Marketing Department]
|
|
|
