Advanced Threat Prevention, Detection and Response Solution from Bit9 and Carbon Black Extends the Power of Real-time Check Point Threat Emulation to the Endpoint

Bit9, the leader in advanced threat protection for endpoints and servers, and Check Point® Software Technologies Ltd., the worldwide leader in securing the Internet, today announced a partnership to integrate the combined Bit9 and Carbon Black real-time endpoint and server security solution with Check Point’s next-generation firewall and threat emulation offerings.

Every enterprise endpoint and server is a defenseless blind spot for advanced threats. Traditional defenses such as antivirus are unable to detect or stop stealthy attacks orchestrated by malicious actors, or help companies respond to security incidents. Bit9 and Carbon Black, which announced their merger on Feb. 13, 2014, empower security teams to prevent, detect and respond to advanced attacks on their endpoints and servers in real time. Paired with Check Point Software Technologies’ next-generation firewall and threat emulation solutions, Bit9 and Carbon Black’s advanced threat protection capabilities extend the power of Check Point Threat Emulation solution to every endpoint and server, minimizing the overall attack surface, and accelerating incident response.

The integration of Bit9 and Carbon Black with Check Point solves four key security challenges:

• Prioritize alerts: Automatically correlate Check Point Threat Prevention network alerts with real-time endpoint sensor and recorder data to determine which alerts are actionable and prioritize them based on the number of systems infected.
• Rapidly respond to alerts: Gain instant visibility into file execution events, file system modifications, registry changes, and unique binary execution data to understand if a malicious file executed, to locate every instance of the suspicious file across all endpoints and servers, and to accelerate incident response if required.
• Prevent Attacks: Reduce the total threat surface with advanced, signature-less prevention policies to lock down high-risk endpoints, servers and fixed-function devices while leveraging the Check Point Threat Emulation Service to perform real-time analysis of suspicious files and immediately stop malicious software from executing on remaining endpoints and spreading throughout your enterprise.
• Analyze Files: Submit files arriving on endpoints and servers automatically or on-demand to the Check Point Threat Emulation Service to quickly determine the risk of each file and whether it needs to be stopped.

“Check Point’s network protection and threat emulation capabilities, combined with Bit9 and Carbon Black’s advanced threat security and incident response solutions, will deliver complete end-to-end protection,” said Dorit Dor, vice president of products at Check Point Software Technologies. “We look forward to this partnership with Bit9 and Carbon Black driving security innovation and technical excellence for our customers and partners.”

Brian Hazzard, vice president of product management for Bit9, said: “Integrating the Check Point Threat Emulation Service with the Bit9 Security Platform, now with Carbon Black, extends real-time malware prevention, detection, analysis and response to every endpoint and server. Attacks and compromise are the new normal but complete lock down of every machine is unrealistic. The best protection is to secure as many endpoints and servers as possible and put the rest in a ‘detect-detonate-deny’ posture that allows for real-time security policy enforcement as threats appear. This is exactly the operational value and closed-loop integration we will deliver as result of our partnership with Check Point.”

Carbon Black’s lightweight endpoint sensor and recorder capabilities for real-time firewall alert prioritization and response with Check Point are available today.

Integrations of the Bit9 Security Platform with the Check Point Next Generation Firewall and Check Point Threat Emulation Service are slated to become available in the first half of 2014. The ability to prioritize alerts, respond to alerts, and analyze files is available today; the ability to prevent attacks will be available in Q2.

The companies are exhibiting at the RSA Conference in San Francisco from Feb. 24 through Feb. 27 in the South Hall, Bit9 and Carbon Black in booth #827 and Check Point in booth #1101.

About Bit9 + Carbon Black
Bit9 and Carbon Black have joined together to offer the industry’s most complete solution for advanced threat protection for endpoints and servers. The merged company helps organizations protect themselves from advanced threats in two critical ways: by reducing their attack surface through new signature-less forms of prevention, and rapidly detecting and responding to threats. We do this by leveraging the powerful combination of Carbon Black’s lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver “incident response in seconds,” and Bit9’s industry-leading prevention technologies to continuously monitor and record all activity on endpoints and servers and stop cyber threats that evade traditional security defenses. Our lightweight real-time sensor and recorder, cloud-based services, and real-time enforcement engine give organizations immediate visibility into everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; a recorded history of all endpoint and server activity to rapidly respond to alerts and incidents; and real-time integration with network security devices from companies such as Check Point Software Technologies.1,000 organizations worldwide—from 25 Fortune 100 companies to small businesses—use Bit9 and Carbon Black to increase security, reduce operational costs and improve compliance.