Integration of Bit9 + Carbon Black Next-Generation Endpoint Protection Platform with Microsoft Security Tools Delivers Complete Endpoint Security with Lower Total Cost of Ownership
WALTHAM, Mass.—February 25, 2015—Bit9® + Carbon Black®, the leader in endpoint threat prevention, detection and response, today announced it is working with Microsoft (Nasdaq “MSFT”) to secure enterprise endpoints. This collaboration—the first advanced threat protection platform to integrate with Microsoft anti-malware and exploit prevention tools—will deliver solutions that strengthen security while decreasing the total cost of advanced threat and malware protection across endpoints in both large and small enterprises.
Organizations today need to defend themselves against known malware as well as the advanced threats and targeted attacks unleashed by nation-state actors and cyber criminals to breach enterprises and steal valuable information. As a result, companies worldwide are re-evaluating their endpoint security architecture and investment strategies.
The integration of Bit9 + Carbon Black’s next-generation endpoint threat prevention, detection, and response solution with Microsoft’s System Center 2012 Endpoint Protection (SCEP) anti-malware solution and Enhanced Mitigation Experience Toolkit (EMET) will address the full spectrum of endpoint protection. Because Microsoft customers with System Center Configuration Manager and Enterprise client access license agreements can leverage SCEP and EMET at no additional cost, combining those tools with the Bit9 + Carbon Black solution in a multi-layered, integrated solution enables organizations to arm their endpoints against all forms of malware more effectively and economically than buying multiple antivirus, anti-exploit, and advanced threat endpoint protection products and hoping they work effectively together.
When deployed, Bit9 + Carbon Black with Microsoft SCEP and EMET will deliver a defense-in-depth endpoint security architecture unlike any other available today, with each product satisfying an important and specific requirement:
- Microsoft SCEP: Detection and prevention against known malware.
- Microsoft EMET: Protection against exploit-based attacks for select, critical applications.
- Bit9 Security Platform: Policy-based endpoint system hardening and protection against unknown malware and advanced threats.
- Carbon Black: Continuous endpoint monitoring and recording of endpoint activity for real-time attack detection, response and remediation.
These integrated and complementary capabilities enable numerous automated and streamlined threat prevention workflows. For example, when Microsoft SCEP detects malware or Microsoft EMET blocks an exploit they send their alerts to the Bit9 + Carbon Black solution, which correlates the alerts with the collective intelligence gained from its enterprise-wide DVR-like endpoint recording and its Threat Intelligence Cloud. This layered intelligence now shows security personnel exactly what transpired on the endpoint—before and after the alert—revealing key aspects of the attack vectors and answering questions such as:
- Which machine and user was initially targeted?
- How long has the malware been in the organization?
- What did the malware do before and after the attack?
- How many other machines are now affected?
- Which applications are being exploited?
- How do I clean up my environment?
Security operators can use this contextual information to prioritize response actions, improve and accelerate investigation, globally prevent the malware from executing on every machine in the enterprise, and accelerate remediation.
These integrations will be available in the second quarter of 2015.
Analyst Quote: David Monahan, research director, Security and Risk Management for Enterprise Management Associates
“Both Microsoft and Bit9 + Carbon Black understand that the endpoint, desktop, or server is the final frontier. To get to the data, attackers need to get a foothold on an endpoint because that is both where the users access data from and/or store it. By containing endpoint threats at the moment of execution, Bit9 + Carbon Black and Microsoft are eliminating the ability of malware to spread or data to be exfiltrated. Responders can now perform a laser-focused investigation on the endpoint(s) in seconds, while the scope is still very small, limiting damage and potential data loss.”
Analyst Quote: Jon Oltsik, senior principal analyst for Enterprise Strategy Group
“There was talk last year about antivirus being ‘dead.’ AV is not dead, but enterprise organizations are creating a defense-in-depth endpoint security architecture, adding additional prevention, detection and response capabilities to traditional AV. This may be one reason why recent Enterprise Strategy Group research found that 57 percent of enterprises are apt to replace some commercial AV with freeware and then spend traditional AV dollars on other endpoint security technologies. The integration of Microsoft security tools and Bit9 + Carbon Black’s next-generation security solution aligns with this emerging trend, making it a reality.”
About Bit9 + Carbon Black
Bit9 + Carbon Black provides the most complete solution against advanced threats that target organizations’ endpoints and servers, making it easier to see—and immediately stop—those threats. The company enables organizations to arm their endpoints by combining continuous, real-time visibility into what’s happening on every computer; real-time signature-less threat detection; incident response that combines a recorded history with live remediation; and prevention that is proactive and customizable. More than 1,000 organizations worldwide—from Fortune 100 companies to small enterprises—use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their detection and response services.
Bit9 and Carbon Black are registered trademarks of Bit9, Inc. All other company or product names may be the trademarks of their respective owners.