Published on October 4, 2018
By Nitin Agale, Senior VP of Products for Securonix
Your endpoints are a valuable part of your enterprise structure. They are the computers your employees use and the servers your company depends on. Defending your endpoints is important, but it’s critical that your endpoint defense is just one part of your overall holistic security strategy.
By integrating a cloud-delivered endpoint security solution, such as Cb Defense, with a next-generation SIEM platform, such as the Securonix Next-Gen SIEM, your overall security stature can be improved. Together, Carbon Black and Securonix provide continuous protection and prevention in a single agent that proactively stops virus, malware, ransomware and non-malware (otherwise known as fileless malware) attacks.
Securonix Next-Gen SIEM
Built on big data, Securonix Next-Gen SIEM combines log management, security incident and event management (SIEM), and user and entity behavior analytics (UEBA) into a complete, end-to-end platform that can be deployed in its entirety or in flexible, modular components. It collects massive volumes of data in real time, uses patented machine learning algorithms to detect advanced threats, and provides actionable security intelligence to accelerate response efforts.
Cb Defense by Carbon Black is a cloud-delivered endpoint security solution that combines next-generation antivirus and endpoint detection and response (EDR) capabilities into a single agent. Built on the Cb Predictive Security Cloud™ platform, Cb Defense supports a variety of powerful endpoint security services through a single agent and unified console.
How It Works
Securonix analyzes endpoint intelligence gathered by Cb Defense and consumed by Carbon Black’s REST APIs. This information provides additional context used in the Securonix platform to support threat detection and investigation processes. User behavior information from Cb Defense is also used to enrich behavioral analysis.
Image 1: Carbon Black’s administrative portal provides an overview of malware types along with attacks that have been stopped and potential suspicious activity.
Image 2: Securonix provides a real-time updated list of top threats, top violators and watchlists, among others, which provides security analysts with a single pane of glass to view pertinent security threats.
- Improved Protection: Strengthen your defenses against known, unknown and fileless attacks.
- Full Visibility: With complete visibility into endpoint activities, security gaps are easy to see and easy to close.
- Clear Alerts: Alerts are delivered with actionable context so effective response efforts can begin immediately.
- Easier investigation: Security incidents can be investigated more easily with actionable intelligence and complete visibility.
- Enriched Analytics: Leverage endpoint user behavior data from Cb Defense to enrich behavioral analysis and add additional depth and predictive analytics to the investigation.
Learn more about Securonix Next-Gen SIEM with integrated EDR capabilities from Cb Defense here.
Securonix transforms enterprise security with actionable intelligence. Using a purpose-built security analytics platform, Securonix quickly and accurately detects high-risk threats to your organization. For more information visit securonix.com.
About Carbon Black
Carbon Black (NASDAQ: CBLK) is a leading provider of next-generation endpoint security delivered via the cloud. Leveraging its big data and analytics cloud platform – the Cb Predictive Security Cloud – Carbon Black consolidates prevention, detection, response, threat hunting and managed services into a single platform with a single agent and single console. For more information visit www.carbonblack.com.