Kenna Security, the enterprise provider in risk-based vulnerability management, and VMware Carbon Black, a provider in cloud-native next-generation endpoint security, are partnering to power the vulnerability assessment and risk scoring capabilities of Carbon Black Cloud WorkloadTM. As a result of this partnership, enterprises running VMware Carbon Black Cloud Workload will be able to efficiently and effectively prioritise critical vulnerabilities and reduce risk to their servers and workloads. Cloud security “As organisations continue their journey towards cloud transformation and application modernisation, it’s time to rethink cloud security,” said Patrick Morley, Senior Vice President and General Manager of VMware Carbon Black. “VMware Carbon Black Cloud Workload will introduce a new approach to cloud security, extending protection to the workload level to reduce the attack surface. “ "Utilising Kenna Security’s vulnerability assessment, we will be able to deliver an intuitive, transparent approach that breaks down barriers between security and operations teams to empower organisations to gain control of vulnerability management programs to better secure critical servers and workloads.” VMware Carbon Black is able to provide an elegant solution to a long-standing challenge in enterprise cybersecurity By leveraging Kenna Security capabilities, VMware Carbon Black is able to provide an elegant solution to a long-standing challenge in enterprise cybersecurity. Many organisations have the capacity to patch only a fraction of the vulnerabilities threatening their environments. Prioritising vulnerabilities Additionally, traditional scanning is often too cumbersome for the large number of endpoints in their environment. Although not all vulnerabilities pose a proven risk of weaponisation, the challenge for organisations is identifying which vulnerabilities to focus on. With the inclusion of Kenna’s vulnerability assessment capabilities, VMware Carbon Black Cloud Workload is able to efficiently focus resources on the specific critical vulnerabilities facing each organisation. Reducing risk “The relationship between security teams and vCenter admins is critical for maintaining uptime and protecting cloud workloads, but it simply doesn’t work effectively when these teams are speaking different languages with different priorities,” said Karim Toubba, Chief Executive Officer at Kenna Security. “Vulnerability management is not only about finding the most vulnerabilities—it’s also about fixing the right ones. By leveraging Kenna Security, VMware Carbon Black Cloud Workload will help organisations align on prioritising vulnerabilities so they can improve their security intuitively, reducing risk while also becoming more efficient at the process as a whole.” Real-time infrastructure and software inventory data VMware Carbon Black will leverage Kenna Security’s inference technology to analyse real-time infrastructure VMware Carbon Black will leverage Kenna Security’s inference technology to analyse real-time infrastructure and software inventory data collected by VMware Carbon Black, in order to identify and prioritise vulnerabilities based on Kenna’s robust, contextual data. This will give organisations utilising VMware Carbon Black Cloud Workload full visibility into their vulnerability environment without having to run authenticated scans or deploy yet another cumbersome agent. Six-month unlimited free trial By utilising Kenna’s proven data science techniques in the application of machine learning and natural language processing to uniquely curate and customise threat datasets, including more than 15 exploit and threat intelligence feeds and more than 7 billion managed vulnerabilities, VMware Carbon Black will give organisations the power to apply Kenna’s predictive modelling to forecast the weaponisation of new vulnerabilities with a confirmed 94 percent accuracy rate, and then prioritise their remediation activities based on the risk of exploitation. VMware customers can experience the advanced new solution with a six-month unlimited free trial of VMware Carbon Black Cloud Workload Essentials, available for all current vSphere 6.5 and VMware Cloud Foundation 4.0 customers.
Carbon Black, a pioneer in next-generation endpoint security delivered via the cloud, introduced Cb ThreatHunter, delivering powerful, new, advanced threat hunting and IR capabilities on the Cb Predictive Security Cloud (PSC). The new offering will be the fourth service delivered on the PSC this year. The Cb ThreatHunter announcement was made from the company’s sold-out annual user conference, #CbConnect18, in New York. “One year ago, at Cb Connect in San Francisco, we outlined our vision to rapidly extend the Cb Predictive Security Cloud to make it easier for our customers to move off legacy AV and address multiple security use cases through a single cloud platform and single sensor,” said Patrick Morley, Carbon Black’s Chief Executive Officer. “With the addition of Cb ThreatHunter, this market-leading platform will have five offerings and delivers customers the ability to prevent, detect, respond to, predict and now, hunt threats in the cloud using a single agent, single console and single platform.” Adding advanced threat hunting Investigations that often take days or weeks can be completed in just minutes with Cb ThreatHunter Cb ThreatHunter is delivered through the PSC, Carbon Black’s powerful endpoint protection platform that consolidates multiple critical endpoint security capabilities supporting both IT and security operations, including: next-generation antivirus (NGAV) + endpoint detection and response (EDR); advanced threat hunting and IR; virtualised data centre security; real-time endpoint query and remediation; and managed threat hunting and triage. Most EDR and IR tools on the market collect only a limited set of historical data. As a result, SOCs and IR teams struggle to get their hands on the information they need to investigate, proactively hunt and remediate. Cb ThreatHunter solves this problem by continuously collecting unfiltered data, giving security teams all the information they need to: proactively hunt threats, uncover suspicious behaviour, disrupt active attacks, repair damage quickly and address gaps in defences. Investigations that often take days or weeks can be completed in just minutes with Cb ThreatHunter. Enhanced anomaly detection Cb ThreatHunter further enhances our ability to deliver rapid incident detection and response to our global customers" “Cb ThreatHunter has simplified incident response by allowing quick discovery of both simple and advanced threats, and quickly making decisions to take conclusive actions,” said Denis Xhepa, IT Systems Security Engineer of MidCap Financial Services. “Its simplicity and responsiveness are amazing, especially when you are running an investigation where every minute matters. When I find something, I can prevent it for the future, and also look for other related or similar things. All this can be done very intuitively. Anomaly detection is also going to be enhanced by the backend intelligence applied to the data. Endpoint security used to be difficult.” “The combination of rapidly searchable, unfiltered endpoint data for advanced threat hunting, combined with an array of prevention and response capabilities built-in to one endpoint sensor is a significant step forward. Cb ThreatHunter further enhances our ability to deliver rapid incident detection and response to our global customers,” said Marc Brawner, Principal at Kroll’s Cyber Risk practice. Minimising attacker dwell time Inspired by Cb Response, an EDR market pioneer with more than 2,000 active customers, Cb ThreatHunter is a brand-new product, built from the ground up on the PSC, offering security teams advanced threat hunting and IR capabilities, including: Cb ThreatHunter equips security teams with the ability to flexibly hunt threats, even if an endpoint is offline More Powerful Search Fields: Cb ThreatHunter equips security teams with the ability to flexibly hunt threats, even if an endpoint is offline. With this level of visibility, researchers can see what happened at every stage of an attack with intuitive attack-chain visualisations, and uncover advanced threats, while minimising attacker dwell time. This insight provides immediate answers with comprehensive behavioural context to stop attacks as quickly as possible. Custom watchlists for real-time detection Enhanced Threat Intel Matching: Cb ThreatHunter’s sophisticated detection combines custom and cloud-delivered threat intel, automated watchlists and integrations with the rest of the security stack to efficiently scale hunting across the enterprise. This advanced level of detection allows security teams to proactively explore environments for abnormal activity, leverage cloud-delivered threat intelligence and automate repeat hunts. Additionally, the PSC’s platform extensibility allows developers to create custom watchlists to power real-time detection and correlate data across the security stack. Elastic Cloud Scalability: Cb ThreatHunter is natively built on the PSC, allowing security teams to rapidly deploy and scale the solution across their enterprise without investing in (or maintaining) on-premise infrastructure. By eliminating these costs and processes, Cb ThreatHunter enables teams to simplify their operations and focus their energy on hunting and responding to threats.
Cloud-based access control and occupancy management to safeguard workplacesDownload
Wireless Access Control eBookDownload
How security systems ensure healthy workplaces during COVID and afterDownload
How are AI and analytics changing physical security, and what should we expect next?Download