Carbon Black announced the Q3 2017 release of the company’s next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution named Cb Defense. Powered by “Streaming Ransomware Prevention” technology, Cb Defense is the market’s first NGAV plus EDR solution to protect organizations from ransomware by detecting and preventing against fileless attacks or unknown tactics. The latest version of Cb Defense also includes Carbon Black’s popular “Live Response” capability from Cb Response, it is leveraged by 1,700 enterprise customers globally. With Live Response, enterprises can remediate an attack within minutes and immediately quarantine an endpoint to limit damage, fix the issue, and restore service.
Streaming Ransomware Prevention
The latest release of Cb Defense uses “Streaming Ransomware Prevention,” expanding on Carbon Black’s breakthrough “Streaming Prevention” technology. This innovation influence event-stream processing, the same technology that revolutionized algorithmic day-trading, to continuously update risk profiles based on a stream of computer activity. When multiple actions is happening at the same time, potentially malicious events occur in a cluster, Cb Defense will block the attack, whether file-based or file-less.
By building upon an event-stream model, rather than the file-based signature approach used by ineffective legacy antivirus solutions, Cb Defense is able to:
Detect and prevent ransomware attacks, even if the attack uses an unknown file or no file at all.
Work online or offline, protecting systems from the most dangerous ransomware, even if they are disconnected from the corporate network or the cloud.
Enable smooth operations with virtually no performance impact for end-users.
Provide no additional resource burden to constrained security and IT teams.
“Ransomware has quickly evolved to become one of the most threatening attack methods used by modern cybercriminals,” said Patrick Morley, Carbon Black’s president and chief executive officer. “With the Q3 2017 release of Cb Defense, Carbon Black empowers enterprises to leverage the full power of our cloud scalable architecture and streaming prevention, equipping security teams with the ability to detect, prevent and respond to evolving attacks.”
Bringing Live Response to Cb Defense
The latest version of Cb Defense incorporates Carbon Black’s popular “Live Response” capability from Cb Response. With this functionality, security professionals have a centralized, high-powered remediation console empowering them to respond to attacks in progress within minutes, minimizing business impact. Live Response has become a mission-critical capability for Carbon Black customers and, now as a part of Cb Defense.
With “Live Response,” Cb Defense helps organizations take full control during the most critical moments of an attack. Competing legacy solutions simply inform businesses about security issues, and often require other systems or people to resolve them. “Live Response” in Cb Defense benefits organizations by:
Giving security teams one interface to quarantine as well as remediate an endpoint and then restore service.
Providing easy access to any endpoint for gathering information, extracting memory dumps, and running scripts for full remediation in minutes.