Paul Miller – [Senior Systems Engineer]
The world of endpoint security is a very crowded market right now, making it difficult to discern what makes one solution better than another. We at Keller Schroeder found ourselves hunting for answers in this market space last summer, and underwent an evaluation of the top ten solutions on the market. After this extensive research, we ended up establishing a new partnership with Carbon Black.
Carbon Black Defense brings a robust set of features to the table. Their entire technique for endpoint defense relies on detecting malicious software and stopping execution before damage is done. As a cloud-based solution, Carbon Black monitors all processes running on your endpoint, scores them based on malicious tactics, techniques, and procedures (ram scraping, bad execution methods, self-elevation), and then stops the execution of processes that are found to be up to no good. This happens in real-time, and utilizes a very light agent (0-1% CPU) on the endpoints.
The console provides kill chain insight like no other product on the market, and other advanced threat protection options. From the console it is simple (a couple of clicks… really), to look at a threat’s kill chain, and blacklist the offending process from running again anywhere in your enterprise. Management overhead for most environments are estimated at around 1-2 hours a week under normal conditions, making it light on administration overhead as well.
If you have a renewal in the future for your endpoint security products, and would like to take a look at CB Defense, please get in touch with your Keller Schroeder Select Account Manager. We would enjoy providing you a demo to show you why this product stands out in this very crowded field.