Analytics
2/13/2014
12:54 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Bit9 And Carbon Black Merge

New company prevents and detects advanced threats on endpoints and servers

WALTHAM, Mass.--Feb. 13, 2014--Bit9, the leader in advanced threat protection for endpoints and servers, today announced it has merged with Carbon Black, a next-generation security company with an architecture that enables rapid installation on every enterprise endpoint and server and delivers "incident response in seconds." The combined entity, which retains the Bit9 name, is the only company that prevents and detects advanced threats on endpoints and servers andprovides incident response in seconds.

Financial terms of the transaction were not disclosed.

Bit9 also announced today it has raised $38.25 million to fuel the combined companies' explosive growth as businesses race to protect themselves against the ever-increasing damage from advanced attacks.

Bit9 and Carbon Black are highly complementary and together will bring enterprise customers a level of security they cannot get from any other vendor. Carbon Black, founded by offensive security and incident response experts, provides organizations with incident response in seconds, without the need to engage expensive outside consultants. By combining Bit9's market-leading endpoint/server advanced threat prevention solution with Carbon Black's breakthrough incident response solution, Bit9 offers organizations an unprecedented ability to detect and stop cyber threats and respond to incidents--all in real time.

"Every enterprise endpoint and server is a defenseless blind spot for advanced threats," said Patrick Morley, Bit9 president and CEO. "Traditional defenses such as antivirus can't detect or stop stealthy attacks orchestrated by malicious actors, or help companies respond to incidents, which has been painfully underlined by the recent high-profile intrusions into leading retailers. The combination of Bit9 and Carbon Black satisfies all of these needs. Because Carbon Black's lightweight endpoint sensor can be rapidly deployed with no configuration, organizations can now have continuous surveillance of all of their computers. And they can stop advanced threats by using Bit9's signature-less prevention technology, which can be customized to meet the needs of different users and systems. Every organization, big or small, must add prevention and surveillance capabilities to all of their computers or they risk becoming the next victim of a costly attack. The combination of Bit9 and Carbon Black leapfrogs the rest of the market, as we are the only company that empowers security teams to immediately prevent, detect and respond to advanced attacks on their endpoints and servers."

Mike Viscuso, CEO of Carbon Black, said: "We founded Carbon Black to dramatically lower the cost and complexity of incident response. In today's environment, organizations simply can't afford to call expensive incident response companies every time they suspect they have a breach. Carbon Black was built by talented, offensive-minded, security experts who understand every facet of the response process. The result of that expertise is a product that has enabled companies to respond to incidents in seconds. By integrating the best technologies for prevention, detection and response, Bit9 and Carbon Black are addressing the full lifecycle of endpoint security."

Carbon Black provides continuous, real-time visibility into endpoints and servers and records everything it sees. This enables security teams to instantly know what is happening on any computer as well as "roll back the tape" to trace the entire history of an attack. Unlike time-consuming traditional incident response, which relies on log file analysis and file system forensics, Carbon Black delivers incident response in seconds because it is always recording the exact data incident responders need during an investigation. It features a number of leading-edge technology innovations:

· Fast, easy deployment on every computer--Carbon Black is built on a lightweight sensor that requires zero configuration and can be rapidly deployed to any machine. The Carbon Black sensor can be deployed to thousands of machines in minutes. This enables a security team to have "eyes and ears" on every computer in their enterprise.

· Records everything and maintains relationships--Continuous visibility provides an always-on, comprehensive view of every enterprise endpoint and server. This enables security professionals to assess potential vulnerabilities, detect advanced threats, and have a full understanding of risks--all in real time. Carbon Black also collects, retains and archives the relationships among data, giving security teams the power to track and alert on behaviors, not just individual events.

· Zero-admin big data--Carbon Black employs big-data analysis techniques so enterprises can prepare, monitor and respond to a data breach with ease. Its horizontally-scalable architecture allows it to handle massive amounts of data, providing an instantly searchable history of all data across every machine in an enterprise. Carbon Black also features an integration API that enables security teams to rapidly integrate it into their environment, helping make that organization's existing security people, processes and technology that much better.

· Robust threat intelligence feeds deliver real-time detection--Carbon Black seamlessly integrates threat intelligence feeds from a number of third-party sources to give customers a "one-stop source" for detecting any malicious files in their environment. Customers also can add custom intelligence feeds with a push of a button.

Bit9 has more than 1,000 installations, including 25 of the Fortune 100, and is the leader in advanced threat prevention on endpoints and servers. Carbon Black is the leader among a rapidly emerging set of vendors that deliver what Gartner named "Endpoint Threat Detection and Response" (ETDR) in July 2013.

The entire Carbon Black team will join Bit9 to continue their groundbreaking work. Carbon Black CEO Mike Viscuso will assume the new position of chief strategy officer, reporting to Bit9 CEO Patrick Morley.

The additional funding was led by existing Bit9 investor Atlas Venture and included all other current Bit9 investors--.406 Ventures, Highland Capital Partners, Kleiner Perkins Caufield & Byers, and Sequoia Capital--and a direct investment by Blackstone, an investor in Carbon Black. With this round, Bit9 has raised a total of $120 million.

Analyst Quote: Wendy Nather, research director of the Enterprise Security Practice at 451 Research

"Enterprise security teams don't want a product that tells them something is wrong, but that can't help them respond to the problem. There are a lot of companies that focus on detection but ignore prevention. The merger of Bit9 and Carbon Black is intended to address a fundamental issue for endpoints and servers: what you cannot prevent, you must detect, and then you must respond."

Video: Bit9 CEO Patrick Morley and Carbon Black CEO Mike Viscuso discuss the merger

See Bit9 and Carbon Black at RSA Conference

Bit9 is exhibiting at RSA Conference 2014 in San Francisco from Feb. 24 through Feb. 27. Visit booth #827 in the South Hall to see the complete security solution delivered by Bit9 and Carbon Black.

About Bit9 + Carbon Black

Bit9 and Carbon Black have joined together to offer the industry's most complete solution for advanced threat protection for endpoints and servers. The merged company helps organizations protect themselves from advanced threats in two critical ways: by reducing their attack surface through new signature-less forms of prevention, and rapidly detecting and responding to threats. We do this by leveraging the powerful combination of Carbon Black's lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver "incident response in seconds," and Bit9's industry-leading prevention technologies to continuously monitor and record all activity on endpoints and servers and stop cyber threats that evade traditional security defenses. Our lightweight real-time sensor and recorder, cloud-based services, and real-time enforcement engine give organizations immediate visibility into everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; a recorded history of all endpoint and server activity to rapidly respond to alerts and incidents; and real-time integration with network security devices such as Palo Alto Networks.1,000 organizations worldwide--from 25 Fortune 100 companies to small businesses--use Bit9 and Carbon Black to increase security, reduce operational costs and improve compliance.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.