Analytics
2/13/2014
12:54 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Bit9 And Carbon Black Merge

New company prevents and detects advanced threats on endpoints and servers

WALTHAM, Mass.--Feb. 13, 2014--Bit9, the leader in advanced threat protection for endpoints and servers, today announced it has merged with Carbon Black, a next-generation security company with an architecture that enables rapid installation on every enterprise endpoint and server and delivers "incident response in seconds." The combined entity, which retains the Bit9 name, is the only company that prevents and detects advanced threats on endpoints and servers andprovides incident response in seconds.

Financial terms of the transaction were not disclosed.

Bit9 also announced today it has raised $38.25 million to fuel the combined companies' explosive growth as businesses race to protect themselves against the ever-increasing damage from advanced attacks.

Bit9 and Carbon Black are highly complementary and together will bring enterprise customers a level of security they cannot get from any other vendor. Carbon Black, founded by offensive security and incident response experts, provides organizations with incident response in seconds, without the need to engage expensive outside consultants. By combining Bit9's market-leading endpoint/server advanced threat prevention solution with Carbon Black's breakthrough incident response solution, Bit9 offers organizations an unprecedented ability to detect and stop cyber threats and respond to incidents--all in real time.

"Every enterprise endpoint and server is a defenseless blind spot for advanced threats," said Patrick Morley, Bit9 president and CEO. "Traditional defenses such as antivirus can't detect or stop stealthy attacks orchestrated by malicious actors, or help companies respond to incidents, which has been painfully underlined by the recent high-profile intrusions into leading retailers. The combination of Bit9 and Carbon Black satisfies all of these needs. Because Carbon Black's lightweight endpoint sensor can be rapidly deployed with no configuration, organizations can now have continuous surveillance of all of their computers. And they can stop advanced threats by using Bit9's signature-less prevention technology, which can be customized to meet the needs of different users and systems. Every organization, big or small, must add prevention and surveillance capabilities to all of their computers or they risk becoming the next victim of a costly attack. The combination of Bit9 and Carbon Black leapfrogs the rest of the market, as we are the only company that empowers security teams to immediately prevent, detect and respond to advanced attacks on their endpoints and servers."

Mike Viscuso, CEO of Carbon Black, said: "We founded Carbon Black to dramatically lower the cost and complexity of incident response. In today's environment, organizations simply can't afford to call expensive incident response companies every time they suspect they have a breach. Carbon Black was built by talented, offensive-minded, security experts who understand every facet of the response process. The result of that expertise is a product that has enabled companies to respond to incidents in seconds. By integrating the best technologies for prevention, detection and response, Bit9 and Carbon Black are addressing the full lifecycle of endpoint security."

Carbon Black provides continuous, real-time visibility into endpoints and servers and records everything it sees. This enables security teams to instantly know what is happening on any computer as well as "roll back the tape" to trace the entire history of an attack. Unlike time-consuming traditional incident response, which relies on log file analysis and file system forensics, Carbon Black delivers incident response in seconds because it is always recording the exact data incident responders need during an investigation. It features a number of leading-edge technology innovations:

· Fast, easy deployment on every computer--Carbon Black is built on a lightweight sensor that requires zero configuration and can be rapidly deployed to any machine. The Carbon Black sensor can be deployed to thousands of machines in minutes. This enables a security team to have "eyes and ears" on every computer in their enterprise.

· Records everything and maintains relationships--Continuous visibility provides an always-on, comprehensive view of every enterprise endpoint and server. This enables security professionals to assess potential vulnerabilities, detect advanced threats, and have a full understanding of risks--all in real time. Carbon Black also collects, retains and archives the relationships among data, giving security teams the power to track and alert on behaviors, not just individual events.

· Zero-admin big data--Carbon Black employs big-data analysis techniques so enterprises can prepare, monitor and respond to a data breach with ease. Its horizontally-scalable architecture allows it to handle massive amounts of data, providing an instantly searchable history of all data across every machine in an enterprise. Carbon Black also features an integration API that enables security teams to rapidly integrate it into their environment, helping make that organization's existing security people, processes and technology that much better.

· Robust threat intelligence feeds deliver real-time detection--Carbon Black seamlessly integrates threat intelligence feeds from a number of third-party sources to give customers a "one-stop source" for detecting any malicious files in their environment. Customers also can add custom intelligence feeds with a push of a button.

Bit9 has more than 1,000 installations, including 25 of the Fortune 100, and is the leader in advanced threat prevention on endpoints and servers. Carbon Black is the leader among a rapidly emerging set of vendors that deliver what Gartner named "Endpoint Threat Detection and Response" (ETDR) in July 2013.

The entire Carbon Black team will join Bit9 to continue their groundbreaking work. Carbon Black CEO Mike Viscuso will assume the new position of chief strategy officer, reporting to Bit9 CEO Patrick Morley.

The additional funding was led by existing Bit9 investor Atlas Venture and included all other current Bit9 investors--.406 Ventures, Highland Capital Partners, Kleiner Perkins Caufield & Byers, and Sequoia Capital--and a direct investment by Blackstone, an investor in Carbon Black. With this round, Bit9 has raised a total of $120 million.

Analyst Quote: Wendy Nather, research director of the Enterprise Security Practice at 451 Research

"Enterprise security teams don't want a product that tells them something is wrong, but that can't help them respond to the problem. There are a lot of companies that focus on detection but ignore prevention. The merger of Bit9 and Carbon Black is intended to address a fundamental issue for endpoints and servers: what you cannot prevent, you must detect, and then you must respond."

Video: Bit9 CEO Patrick Morley and Carbon Black CEO Mike Viscuso discuss the merger

See Bit9 and Carbon Black at RSA Conference

Bit9 is exhibiting at RSA Conference 2014 in San Francisco from Feb. 24 through Feb. 27. Visit booth #827 in the South Hall to see the complete security solution delivered by Bit9 and Carbon Black.

About Bit9 + Carbon Black

Bit9 and Carbon Black have joined together to offer the industry's most complete solution for advanced threat protection for endpoints and servers. The merged company helps organizations protect themselves from advanced threats in two critical ways: by reducing their attack surface through new signature-less forms of prevention, and rapidly detecting and responding to threats. We do this by leveraging the powerful combination of Carbon Black's lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver "incident response in seconds," and Bit9's industry-leading prevention technologies to continuously monitor and record all activity on endpoints and servers and stop cyber threats that evade traditional security defenses. Our lightweight real-time sensor and recorder, cloud-based services, and real-time enforcement engine give organizations immediate visibility into everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; a recorded history of all endpoint and server activity to rapidly respond to alerts and incidents; and real-time integration with network security devices such as Palo Alto Networks.1,000 organizations worldwide--from 25 Fortune 100 companies to small businesses--use Bit9 and Carbon Black to increase security, reduce operational costs and improve compliance.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web