Protiviti becomes the latest firm with IR services to join Carbon Black’s global program
Carbon Black, the leader in next-generation endpoint security, today announced that more than 50 of the world’s leading firms for incident response (IR) services use Carbon Black as their weapon of choice when battling attackers.
Carbon Black made the announcement at its largest event of the year, Cb Connect, a conference bringing together hundreds of security professionals from around the world.
Protiviti is the latest firm to join Carbon Black’s global program. Carbon Black’s Cb Response empowers Protiviti’s proactive incident response (threat hunting) services to more efficiently review endpoint processes, persistence mechanisms, and other unusual activity through a single interface.
This enhanced visibility enables Protiviti analysts to focus their time on value-added activities such as development of additional hunting hypotheses/use cases and investigation of potential indicators.
Protiviti joins the growing list of professional services firms that use Carbon Black to:
- Gain enterprise-wide visibility to see the entire kill chain of a potential attack
- Immediately understand the root-cause of attacks
- Identify additionally needed preventative or monitoring security controls
- Empower threat hunters with key information to creatively search for attackers.
Earlier this year, Carbon Black was named “Best Endpoint Detection and Response Solution” by security professionals in the SANS Institute’s Best of Awards. To date, Carbon Black has trained more than 1,650 incident response professionals around the globe to lead their response and hunting efforts with Carbon Black solutions.
As a result, the Carbon Black footprint in the market is expanding. Carbon Black’s IR partners are on pace to average more than one incident response engagement per day in 2017, with engagements covering more than 580,000 endpoints this calendar year to date.
“As breach statistics have demonstrated, attackers frequently evade organisational monitoring tools and processes,” said Scott Laliberte, a Protiviti managing director and global leader of the firm’s cyber security and privacy services. “Proactively hunting for attackers through the use of endpoint visibility tools is a key way we help organisations reduce the risk of an undetected breach.”
“When organisations are at their most vulnerable, during an incident response engagement, they often turn to one of the world’s leading incident response firms to assist,” said Tom Barsi, Carbon Black’s senior vice president of business development. “These IR firms, overwhelmingly, trust Carbon Black to be their weapon of choice to gain enterprise-wide visibility and stop an attack dead it its tracks.”
Carbon Black also enables and supports the required regulatory components associated with an incident by providing automation and actionable intelligence relevant to the mandate, enabling continuous compliance for customers. Few IR programs enable the same breadth of partnership in the industry.
In addition to Protiviti, some of the key firms that leverage Carbon Black are: Advanced Threat Analytics (ATA), Context IS, E&Y, IBM, Kroll, Optiv, Rapid 7 and Trustwave.
“The market often thinks of data breaches as ‘non-human’,” said Barsi. “The reality is that cyber defence and incident response are still very much human vs.
human battles. While human attackers continue to evolve their attacks and leverage increasingly complex tools, human defenders turn to Carbon Black as their tool of choice to detect and stop attackers before any damage can be done.”
To learn more about becoming a Carbon Black incident response partner, click here.
Category: Security Company profile: Carbon Black leads a new era of endpoint security by enabling organisations to disrupt advanced attacks, deploy the best prevention strategies for their business, and leverage the expertise of 10,000 professionals from IR firms, MSSPs and enterprises to shift the balance of power back to security teams. Only Carbon Black continuously records and centrally retains all endpoint activity, making it easy to track an attacker’s every action, instantly scope every incident, unravel entire attacks and ...
For more information: