ChannelLife Australia - Industry insider news for technology resellers
Story image
Carbon Black brings 80 tech partners together for new security integrations
Thu, 29th Mar 2018
FYI, this story is more than a year old

Endpoint security company Carbon Black has announced a new technology partner program designed to improve cyber security offerings, with over 80 technology partners building more than 120 supported integrations.

The program - known as the Carbon Black Integration Network (CbIN) - has seen the likes of Juniper Networks, LogRhythm, Phantom and many others building productised integrations on Carbon Blacks' Predictive Security Cloud (PSC), while leveraging Cb's open APIs.

Carbon Black director of technology alliances Jim Raine says, “The Carbon Black Integration Network was built on the premise that a collective defence strategy is the foundation of any good security posture.

“By integrating solutions across each security stack, every new addition brings new functionality to a customer's entire security architecture. Security teams gain immediate insight and quickly derive more value from existing security investments.

“We'll continue to empower our entire ecosystem by adding integrations so companies can easily adopt and use solutions that fit their specific needs,” Raine says.

LogRhythm VP of marketing and business development Matt Winter says the integrations they're building as a part of CbIN will provide customers with increased Network visibility.

"LogRhythm and Carbon Black are empowering security teams to identify behavioural anomalies, detect internal and external threats, and prioritise responses utilising enterprise-class security analytics that leverage machine learning and advanced scenario modeling,” Winter says.

"By integrating with the Cb Predictive Security Cloud (PSC), LogRhythm provides security teams with complete visibility across their cloud and physical IT environments for faster, more efficient threat detection and response."

Carbon Black says CbIN will help alleviate some of the major challenges currently facing security teams, such lack of expertise and limited visibility across the security stack.

It says CbIN will provide a network of widely used and emerging pre-integrated solutions that use their API, which is the same API customers can leverage to build their own integrations.

CbIN represents vendors, customers and security technologists that have leveraged Carbon Black's open APIs to build integrations designed to benefit everyone.

Blue Cross Blue Shield (Carbon black customer) senior IT security specialist Derick Reisman says, “We've always employed a proactive security strategy that protects against advanced threats.

“Carbon Black's open APIs are central to this strategy – they've enabled us to pull threat intelligence from Carbon Black into our SIEM to keep us more secure and extend the visibility of our data to our users.

Some examples of the open sourced integrations delivered as a part of CbIN include;

  • Export all process execution and endpoint network connection events through the real-time ‘Event Forwarder'.
  • Send all Carbon Black data to another storage mechanism such as Hive or Hadoop
  • Scan all collected binaries against Yara signatures
  • Perform standard queries, but process the data in a script to output it in a certain way to support things like reporting, period queries and enriched process trees.
  • Consume threat indicators from CRITS
  • Subscribe to network connections and plot them on a world map.

Rich Hlavka, Phantom VP of business development says, “By leveraging Carbon Black's game-changing technology, the Predictive Security Cloud, Phantom is further empowering security teams with unmatched visibility, advanced analytics, and simplified workflow.