As part of a larger effort to redefine what encompasses endpoint security, Carbon Black has acquired Confer, a provider of antivirus software that uses heuristics and a cloud-based management platform to change the way IT organizations maintain IT security.
Carbon Black CEO Patrick Morley says the ultimate goal is to combine the whitelisting and cybersecurity threat intelligence software developed by Carbon Black with the next-generation antivirus (NGAV) software developed by Confer. Confer’s software solution will be renamed “Cb Defense.”https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=iRather than simply focusing on developing signatures after an attack is launched, Morley says, Cb Defense will use heuristics at the endpoint and analytics in the cloud to identify threats, enabling IT organizations to proactively respond to them before they infect an endpoint.
Just as importantly, Morley says, Cb Defense is a much lighter-weight implementation of NGAV software that can be more effectively used across a number of IT scenarios, including mobile computing and Internet of Things (IoT) use cases.
Because Cb Defense relies on threat intelligence and heuristics rather than just signatures, Morley says, it’s a lot more effective than traditional AV software. While most providers of AV software are incorporating more heuristics to varying degrees, Morley says endpoint security is now being judged by a vendor’s ability to detect, respond to and remediate a security breach within the context of an integrated endpoint security lifecycle framework.
While there’s a lot of focus these days on trying to protect data wherever it resides in the enterprise, the endpoint remains the front line of IT security. Most IT security attacks target an endpoint in one form or another. It’s usually when that endpoint is compromised that the rest of the IT security nightmare unfolds. Every endpoint attack that is thwarted not only represents a small victory for the IT organization, it also serves to make launching those attacks a less profitable endeavor for the cybercriminal in the first place.