Bit9, a Waltham, Mass-based security software maker best known for its application whitelisting solutions, today announced that it has raised $38.25 million in new funding, and has acquired Carbon Black, a provider of incident response solutions.
The combined company will operate under the Bit9 name and will offer solutions designed to detect and prevent advanced threats on endpoints and servers and provide rapid incident response.
Financial terms of the Carbon Black transaction were not disclosed.
By combining Bit9’s endpoint/server advanced threat prevention solution with Carbon Black’s incident response solution, Bit9 says it will be able to offer customers the ability to detect and stop cyber threats and respond to incidents—all in real time.
“Every enterprise endpoint and server is a defenseless blind spot for advanced threats,” said Patrick Morley, Bit9 president and CEO. “Traditional defenses such as antivirus can’t detect or stop stealthy attacks orchestrated by malicious actors, or help companies respond to incidents, which has been painfully underlined by the recent high-profile intrusions into leading retailers.
Because Carbon Black’s lightweight endpoint sensor can be rapidly deployed with no configuration, organizations can now have continuous surveillance of all of their computers, the company explained.
Carbon Black provides continuous, real-time visibility into endpoints and servers and records everything it sees. This enables security teams to instantly know what is happening on any computer as well as “roll back the tape” to trace the entire history of an attack.
Unlike time-consuming traditional incident response, which relies on log file analysis and file system forensics, Carbon Black delivers incident response in seconds because it is always recording the exact data incident responders need during an investigation. It features a number of leading-edge technology innovations:
• Fast, easy deployment on every computer—Carbon Black is built on a lightweight sensor that requires zero configuration and can be rapidly deployed to any machine. The Carbon Black sensor can be deployed to thousands of machines in minutes.
• Records everything and maintains relationships—Continuous visibility provides an always-on, view of every enterprise endpoint and server. This enables security professionals to assess potential vulnerabilities, detect advanced threats, and have a full understanding of risks—all in real time. Carbon Black also collects, retains and archives the relationships among data, giving security teams the power to track and alert on behaviors, not just individual events.
• Zero-admin big data—Carbon Black employs big-data analysis techniques so enterprises can prepare, monitor and respond to a data breach with ease. Its horizontally-scalable architecture allows it to handle massive amounts of data, providing an instantly searchable history of all data across every machine in an enterprise. Carbon Black also features an integration API that enables security teams to rapidly integrate it into their environment, helping make that organization’s existing security people, processes and technology that much better.
• Threat intelligence feeds deliver real-time detection—Carbon Black integrates threat intelligence feeds from a number of third-party sources to give customers a “one-stop source” for detecting any malicious files in their environment. Customers also can add custom intelligence feeds with a push of a button.
The entire Carbon Black team will join Bit9, and Carbon Black CEO Mike Viscuso will assume the new position of chief strategy officer, reporting to Bit9 CEO Patrick Morley.
The new funding was led by existing Bit9 investor Atlas Venture and included other Bit9 investors—.406 Ventures, Highland Capital Partners, Kleiner Perkins Caufield Byers, and Sequoia Capital—and a direct investment by Blackstone. The investment brings the total amount raised to-date by Bit9 to $120 million.
Tweet
Managing Editor, SecurityWeek.Previous Columns by Mike Lennon:Bit9 Raises $38 Million, Acquires Carbon BlackProlexic Warns of New DNS Flooder DDoS Attack ToolkitCloudFlare Infrastructure Hit With 400Gbs NTP-Based DDoS AttackFireEye Unveils All-in-One Platform to Detect, Contain and Mitigate Threats Kaspersky Unveils The Mask – Most Advanced Cyber Espionage Operation Seen To Date
sponsored links
Tags: NEWS INDUSTRY
Incident Management
Security Infrastructure
