Joint customers benefit from network-to-endpoint visibility
and control to stop advanced threats and targeted attacks
WALTHAM, Mass.—May 8, 2014—Bit9®, the leader in advanced threat protection for endpoints and servers, today announced the availability of Bit9 for Check Point, a new solution that integrates Bit9’s real-time endpoint and server security with the next-generation firewall and threat emulation offerings of Check Point® Software Technologies Ltd., the worldwide leader in securing the Internet.
Bit9 for Check Point delivers closed-loop integration between network security and endpoint/server security. When the Check Point next-generation firewalls detect a suspicious file on the network, Bit9 automatically confirms the location, scope and severity of the threat on enterprise endpoints and servers. Security teams can also submit suspicious files that have landed on endpoints and servers to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped. Bit9 for Check Point reduces the overall operational effort of managing network and system security, accelerates incident response time and improves any organization’s overall security posture.
The integration of Bit9 with Check Point solves four key security challenges:
- Prioritize alerts: Automatically correlate Check Point Threat Prevention network alerts with real-time endpoint sensor and recorder data to determine which alerts are actionable and prioritize them based on the number of systems infected.
- Rapidly respond to alerts: Gain instant visibility into file execution events, file system modifications, registry changes, and unique binary execution data to understand if a malicious file executed, to locate every instance of the suspicious file across all endpoints and servers, and to accelerate incident response if required.
- Prevent Attacks: Reduce the total threat surface with advanced, signature-less prevention policies to lock down high-risk endpoints, servers and fixed-function devices. Leverage the Check Point Threat Emulation Service to perform real-time analysis of suspicious files and immediately stop malicious software from executing on remaining endpoints and spreading throughout your enterprise.
- Analyze Files: Use “detonate-and-deny” to analyze and block every malicious file landing on any endpoint. Submit files arriving on endpoints and servers automatically or on-demand to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped. If the file is malicious, immediately block its execution.
In February 2014, Bit9 announced the integration of its Carbon Black lightweight endpoint sensor and recorder for real-time detection and incident response in seconds with Check Point’s next-generation firewall and threat emulation offerings. Bit9 + Carbon Black provides the full lifecycle of Visibility, Detection, Response and Protection on endpoints and servers. The integration of Bit9 + Carbon Black with Check Point delivers a powerful solution to stop advanced threats anywhere in the enterprise.
“Integrating the Check Point network protection and threat emulation capabilities with the Bit9 and Carbon Black solutions extends real-time advanced threat prevention, detection, analysis and response to every endpoint and server in an enterprise,” said Brian Hazzard, Bit9 vice president of product management. “Attacks and compromise are the new normal but complete lock down of every machine is unrealistic for many companies. The best protection against today’s advanced threats is to secure as many endpoints and servers as possible and put the rest in a ‘detonate-and-deny’ posture that allows for real-time security policy enforcement as threats appear. This is exactly the operational value and closed-loop integration this partnership of industry leaders delivers.”
Videos: Bit9 for Check Point and Bit9 for Check Point demo
About Bit9 + Carbon Black
Bit9 and Carbon Black have joined together to offer the industry’s most complete solution for advanced threat protection for endpoints and servers. The merged company helps organizations protect themselves from advanced threats in two critical ways: by reducing their attack surface through new signature-less forms of prevention, and rapidly detecting and responding to threats. We do this by combining Carbon Black’s lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver “incident response in seconds,” and Bit9’s industry-leading prevention technologies to continuously monitor and record all activity on endpoints and servers and stop cyber threats that evade traditional security defenses. Our lightweight real-time sensor and recorder, cloud-based services, and real-time enforcement engine give organizations immediate visibility into everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; a recorded history of all endpoint and server activity to rapidly respond to alerts and incidents; and real-time integration with network security devices such as Check Point, FireEye and Palo Alto Networks. 1,000 organizations worldwide—from 25 Fortune 100 companies to small businesses—use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance.
Bit9 is a registered trademark of Bit9, Inc. All other company or product names may be the trademarks of their respective owners.