Carbon Black added threat hunting and incident response capabilities to its cloud-based endpoint security platform, Cb Predictive Security Cloud.
The new service, called Cb ThreatHunter, is essentially a cloud-delivered version of the company’s on-premises Cb Response endpoint detection and response device. Increasingly, security teams “don’t want to be in the business of managing infrastructure,” said Rick McElroy, head of security strategy at Carbon Black. “Their job is security operations, not server maintenance.”
Moving the service to the cloud means that teams don’t have to stand up servers and can start threat hunting and responding to incidents faster.
ThreatHunter is the fourth service Carbon Black has added to Cb Predictive Security Cloud this year. Others include antivirus and endpoint detection; threat hunting and triage; and real-time endpoint query and remediation. The company also offers cloud-delivered security for VMware software-defined data centers called Cd Defense for VMware. “That gives us the ability to provide the same detection, response, and prevention capabilities that we would for our customers, but it is baked into VMware,” McElroy said.
Adding security use cases and delivering them through a single cloud platform and single sensor makes it easier for companies to move off of legacy security systems and add new capabilities as needed. “We’re delivering one agent that does multiple functionalities,” McElroy said. “Now customers can buy licenses for each of these services and just turn them on. We’re really trying to make it easier for defenders.”
In addition to pumping out four new products this year, Carbon Black also raised $152 million in an initial public offering in March. It later reported quarterly earnings that beat Wall Street’s expectations, while also raising its outlook for the rest of 2018. Despite the upbeat news, the company’s share price dropped after its August earnings call with investors and this week hit a 52-week low during mid-day trading on Monday.
But the company is playing the long game. And it will continue making products that deliver on its vision, McElroy said. “The vision we have to create a world safe from cyberattacks,” he explained. “If you look at the DNA of the company and where we came from, it’s offensive hackers trained by the U.S. government. It’s still the same vision. We’re delivering that though easier means for the customer by putting services into the cloud and providing things like ThreatHunter.”