Visibility Becomes Paramount As Endpoints and MSSPs Heat Up

Ben Johnson

Share this Project

This is a guest post contributed by Benjamin Johnson, Chief Security Strategist, Bit9 + Carbon Black.

The endpoint security space is hot right now. The managed security provider space is also hot right now. So it only makes sense that managed endpoint security, in one form or another, is the place to be.

You cannot defend what you cannot see, and with a deteriorating perimeter, encrypted communications, and living off the land, more and more enterprises are being pushed to install an endpoint threat detection and response (ETDR) agent to give themselves a fighting chance.

With endpoint security, it’s about “visibility,” which I’m sure you saw as one of the key buzzwords at every trade show last year. That’s because blindness is crippling to your continuous monitoring and incident response efforts. You need to understand what’s normal and what’s not. You need to be able to “rewind the tape” to figure out root cause.

And guess what?

Now that this endpoint data is visible, you can do new forms of advanced detection in nearly real time – something one of our partners Red Canary has been pioneering for over a year.

Our approach at Bit9 + Carbon Black is to fully embrace the security ecosystem. Defense in depth is more than just a good theory. You’ve already invested in various protection, detection, and response mechanisms. Security data is growing ever more powerful but it’s a simple picture: integrations, openness, and being API-driven must be fundamental tenets of a modern security solution.

This approach doesn’t just extend to our customers either. This extends to our partners, as well. And partners often have the programmers on staff to really build upon our platforms to drive our solutions to new heights.

Red Canary has built managed detection capabilities on top of our rich endpoint telemetry to create outstanding forms of detection. They’re enhancing endpoint threat detection and response by offering a service that detects threats in a variety of ways and empowers response, and we applaud them for that. And just today Red Canary announced funding to bring to market its unique offering. Red Canary’s proprietary behavioral analysis and analytics paired with binary and threat intelligence data from our own Threat Intelligence Cloud and other partners gives them a truly impressive breadth and depth of detection.

We look forward to Red Canary continuing to push the envelope and fighting alongside us in these ongoing cyber battles. Information security needs partnerships, integrations, and platforms where accelerated innovation and extension can flourish.