Carbon Black and IBM Security Deliver Increased Visibility for SOCs to Accelerate Incident Response

Last updated:

Carbon Black today announced an expansion of its collaboration with IBM Security via further integrations between their respective portfolios of cybersecurity tools.

The new integration will connect customers that leverage both Carbon Black’s market-leading endpoint detection and response (EDR) solution, Cb Response, with IBM Resilient’s advanced Response Orchestration Platform, empowering security teams to respond faster and more comprehensively to modern cyberattacks.

With this announcement, joint customers of Carbon Black and IBM Resilient can use the products in a tightly integrated way. Security Operation Centers (SOCs) can automate remediation tasks and orchestrate critical incident response activities, creating a streamlined, agile response function. The power of the combined technologies ensures security teams can keep up with the evolving nature of cyberattacks and efficiently respond to incidents.

Today’s businesses often depend on many different security solutions to protect their environments. Additionally, various departments (SOCs, IT, operations, HR) must work collaboratively to keep up with the speed of business.

The native integration enables users of both IBM Security and Carbon Black to automatically enrich new security incidents with deep endpoint data from Cb Response into the Resilient platform. Users can also leverage industry-leading threat intelligence, and remediate issues by banning malicious files.

This latest integration between Carbon Black and IBM Resilient benefits SOCs by allowing them to:

  • Respond faster and more efficiently to incidents
  • Gain enterprise-wide visibility via a hub for all incident response
  • Free-up critical analyst time from mundane tasks to enable them to focus on the response
  • Automatically collect and integrate endpoint data
  • Enable high-speed SOC orchestration of endpoint remediation actions

Tom Barsi, senior vice president of business and corporate development for Carbon Black said,

“We are excited that IBM Security has expanded its partnership with Carbon Black,”

“The combination of Cb Response and Resilient’s leading orchestration response platform brings additional strength to SOCs and empowers security teams around the globe to automate remediation of advanced threats instantly.”

Ted Julian, VP of product management for IBM Security said,

“Carbon Black and Resilient together are providing a powerful way for organisations to fight against end point attacks that continue to plague organisations,”

“Carbon Black’s Cb Response provides a complete view of what’s happening across the enterprise. With the integration into Resilient, security teams can take action on that insight by orchestrating their response to any incident affecting the endpoint directly from the platform.”

The option to integrate between Cb Response and IBM Resilient is the latest combined offering from Carbon Black and IBM Security.

Among the additional elements of the partnership are:

IBM Services

Continuous Monitoring and Threat Response— IBM Security utilises Cb Response and Cb Defense to deliver a number of managed and consulting services to organisations worldwide. The managed detection & response service from IBM is a fully managed service that leverages Cb Response and intelligence from IBM X-Force research and experienced threat hunting teams to achieve continuous, real-time monitoring of enterprise endpoints for signs of malicious activity. In addition, Endpoint Managed Security on Cloud from IBM utilises Cb Defense to deliver managed next-generation anti-virus services for organisations that need to replace their aging antivirus solutions to better protect their endpoints. IBM also offers consulting services and incident response services that leverage Cb Response and Cb Defense that can be tailored to an organisation’s needs.

Technology Integrations

QRadar Integration—The Carbon Black App for IBM QRadar provides a turnkey solution for integrating Carbon Black’s products with IBM Security intelligence technology to provide organisations with a single pane of glass to more quickly detect and respond to security alerts. QRadar dashboards specific to Carbon Black eliminate the need for analysts to swivel across systems as data flows in. This app is provided at no charge to Carbon Black and IBM customers.

BigFix Integration— Seamlessly integrates prioritised patching, compliance, operations, and EDR. Through this solution, analysts leverage BigFix and Carbon Black to disrupt attacker behaviour using a closed-loop endpoint security and management system to detect and respond to attacks in progress and then quickly close exploited vulnerabilities by applying targeted patches across all endpoints in minutes. To help security professionals streamline and prioritise which threats and compromised apps to remediate first, the solution enables prioritised patching and accelerating the remediation of vulnerable endpoints, and brings down the cost of security.