Carbon Black launches advanced threat hunting from the cloud
Most endpoint detection tools collect only a limited set of data, which can make it hard for teams to track down and combat threats.
To address this issue, endpoint security specialist Carbon Black is launching a new threat hunting tool as part of its Predictive Security Cloud (PSC).
Cb ThreatHunter continuously collects unfiltered data, giving security teams all the information they need to proactively hunt threats, uncover suspicious and stealthy behavior, disrupt active attacks, repair damage quickly and address gaps in defenses before attackers can.
"One year ago at Cb Connect in San Francisco, we outlined our vision to rapidly extend the Cb Predictive Security Cloud to make it easier for our customers to move off legacy AV and address multiple security use cases through a single cloud platform and single sensor," says Patrick Morley, Carbon Black's CEO. "One year later, this market-leading platform has five offerings and delivers customers the ability to prevent, detect, respond to, predict and now, hunt threats in the cloud using a single agent, single console and single platform."
Features include powerful search tools that equip security teams with the ability to flexibly hunt threats, even if an endpoint is offline. Researchers can see what happened at every stage of an attack with intuitive attack-chain visualizations, and uncover advanced threats, while minimizing attacker dwell time.
Sophisticated detection combines custom and cloud-delivered threat intelligence, automated watch lists and integrations with the rest of the security stack to efficiently scale hunting across the enterprise. This allows security teams to explore environments for abnormal activity, leverage cloud-delivered threat intelligence and automate repeat hunts. Developers can create custom watch lists to power real-time detection and correlate data across the security stack.
Because it's natively built on the PSC, security teams can rapidly deploy and scale the solution across their enterprise without the need to buy or maintain on-premise infrastructure. By eliminating these costs and processes, Cb ThreatHunter enables teams to simplify their operations and focus their energy on hunting and responding to threats.
You can find out more on the Carbon Black website.