Every enterprise endpoint and server is a defenseless blind spot for advanced threats. Traditional defenses such as antivirus are unable to detect or stop stealthy attacks orchestrated by malicious actors, or help companies respond to security incidents. Bit9 and Carbon Black, which announced their merger on Feb. 13, 2014, empower security teams to prevent, detect and respond to advanced attacks on their endpoints and servers in real time. Paired with Check Point Software Technologies’ next-generation firewall and threat emulation solutions, Bit9 and Carbon Black’s advanced threat protection capabilities extend the power of Check Point Threat Emulation solution to every endpoint and server, minimizing the overall attack surface, and accelerating incident response.
The integration of Bit9 and Carbon Black with Check Point solves four key security challenges:
· Prioritize alerts: Automatically correlate Check Point Threat Prevention network alerts with real-time endpoint sensor and recorder data to determine which alerts are actionable and prioritize them based on the number of systems infected.
· Rapidly respond to alerts: Gain instant visibility into file execution events, file system modifications, registry changes, and unique binary execution data to understand if a malicious file executed, to locate every instance of the suspicious file across all endpoints and servers, and to accelerate incident response if required.
· Prevent Attacks: Reduce the total threat surface with advanced, signature-less prevention policies to lock down high-risk endpoints, servers and fixed-function devices while leveraging the Check Point Threat Emulation Service to perform real-time analysis of suspicious files and immediately stop malicious software from executing on remaining endpoints and spreading throughout your enterprise.
· Analyze Files: Submit files arriving on endpoints and servers automatically or on-demand to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped.
“Check Point’s network protection and threat emulation capabilities, combined with Bit9 and Carbon Black’s advanced threat security and incident response solutions, will deliver complete end-to-end protection,” said Dorit Dor, vice president of products at Check Point Software Technologies. “We look forward to this partnership with Bit9 and Carbon Black driving security innovation and technical excellence for our customers and partners.”
Brian Hazzard, vice president of product management for Bit9, said: “Integrating the Check Point Threat Emulation Service with the Bit9 Security Platform, now with Carbon Black, extends real-time malware prevention, detection, analysis and response to every endpoint and server. Attacks and compromise are the new normal but complete lock down of every machine is unrealistic. The best protection is to secure as many endpoints and servers as possible and put the rest in a ‘detect-detonate-deny’ posture that allows for real-time security policy enforcement as threats appear. This is exactly the operational value and closed-loop integration we will deliver as result of our partnership with Check Point.”