5.30.18
Exabeam, the next-gen SIEM company, today announced a strategic integration with Carbon Black, a leader in next-generation endpoint security. For joint customers, the partnership provides increased detection of advanced threats and lateral movement, as well as reduced incident response times—all while utilizing existing security investments.
The integration of Carbon Black’s Cb Response and Exabeam’s Next-Gen SIEM is bi-directional. Cb Response data in the Exabeam Security Intelligence Platform, alongside data from other security products, enables security analysts and security operations center (SOC) staff to holistically detect advanced threats. Additionally, Exabeam can trigger automated incident response of detected threats using the Carbon Black API.
“Carbon Black is able to provide detailed insight into user and endpoint behavior,” said Jim Raine, director of technical alliances at Carbon Black. “This data can be ingested by Exabeam and combined with logs from other systems to create a behavior-based model that simplifies threat detection.”
To support increased detection of complex threats, such as insider threats and lateral movement, the partnership enables comprehensive analysis capabilities. Combining Carbon Black data, along with third-party data from other types of security solutions (such as data loss prevention (DLP), virtual private networks (VPNs), web proxies, and more), Exabeam provides greater visibility and higher fidelity alerts than a single solution could achieve alone.
End users also benefit from rapid incident investigation and containment through the use of security orchestration and automated response playbooks with this integration. An alert triggered in Cb Response can be used within Exabeam to create baseline behaviors and identify anomalous sessions, as well as trigger an incident response playbook, which can perform corrective action, such as quarantining an endpoint via the open Carbon Black API.
“Many of Exabeam’s customers use Carbon Black products and this partnership allows joint customers to ingest valuable endpoint detection and response (EDR) data into our SIEM platform for behavioral analysis,” said Ted Plumis, vice president of worldwide channels at Exabeam. “When threats are detected, Exabeam’s security orchestration and response automation solution helps our users take corrective action via response playbooks that are now able to trigger actions in Cb Response. This integration increases the value of both the Exabeam solution as well as the Carbon Black solution.”
