News Releases4 min read

Carbon Black Hosts Sold-Out Developer Day During #CBConnect19

With growing momentum for the PSC, 13 new partners join the Carbon Black Integration Network (CBIN) utilizing the company’s open APIs

SAN DIEGO & WALTHAM, Mass. — June 3, 2019 — Carbon Black(NASDAQ:CBLK), a leader in cloud endpoint protection, today welcomed more than 150developers to its sold-out Developer Day, kicking off Carbon Black’s annual three-day user conference, #CBConnect19. Developer Day features in-depth, technical workshops designed to accelerate developers’ ability to advance API and integration techniques and extend Carbon Black’s open cloud platform, the CB Predictive Security Cloud® (PSC).

“To create the strongest security posture possible in today’s evolving threat landscape, companies need access to rich and comprehensive endpoint data,” said Scott Lundgren, Carbon Black’s Chief Technology Officer. “By offering open APIs for all of our products and making every layer of the Carbon Black stack natively extensible, our customers can custom-build their security stack with integrated solutions that quickly and effectively address new threats and offer better protection against advanced threats.” 

The PSC allows third-party developers to leverage Carbon Black’s unfiltered data from the endpoint to the cloud. With native extensibility, the PSC makes it easy for developers to improve an organization’s security posture by building extensions including:

  • Integrations with external systems, such as SIEMs and custom-analysis pipelines, to streamline reporting and analytics across the tech stack
  • Scripting of endpoint actions via external triggers, such as alerts, allowing the automated orchestration of custom actions to be taken on the endpoint
  • Endpoint data collection via osquery, an open source monitoring and collection tool that anyone can extend
  • Customized threat intelligence to enhance real-time detection of malicious events

Carbon Black Launches Open Source Tool For High-Volume Analytics 

At this year’s Developer Day, the company announced the release of an event query router (EQR), a new, open-source data analytics tool that gives data scientists the ability to execute large-scale queries on real-time big data streams without writing code or batching transactions. EQR was initially built by Carbon Black engineers to address the needs of our Threat Analytics Unit (TAU) for threat research and our managed detection service, CB ThreatSight™, which requires high-bandwidth, low-latency access to analyze billions of security events generated by our customers through the PSC. Recognizing the benefit of being able to quickly consume streams of data at massive scale for a range of industries and applications, Carbon Black is delivering EQR as an extensible open-source tool accessible through the Carbon Black GitHub repository.

“Access to large quantities of data through the cloud is revolutionizing the way we’re approaching endpoint security — and the ability to not only analyze that data, but transform it into actionable security insights for our customers quickly and effectively, is critical to our success,” said Lundgren. “We’re pleased to be able to share EQR with other developers in a multitude of industries, who are faced with the same big data challenges.”

Carbon Black Integration Network

In conjunction with Developer Day at #CBConnect19, Carbon Black announced that 13 new partners have joined the Carbon Black Integration Network. CBIN represents vendors, customers and security technologists that have extended Carbon Black products – often through custom data ingestion or open APIs documented on GitHub – to build integrations that benefit an organization’s security posture and can be leveraged openly by the entire security community. Currently, more than 120 partners have built more than 140 documented integrations.

New CB Integration Network partners include: Active Countermeasures, Akamai, Cyber Crucible, D3 Security, Illusive Networks, JupiterOne, LookingGlass Cyber Solutions, Panaseer, Pliant, Remediant, SafeBreach, ThreatWarrior and XM Cyber.

“Managing endpoints is key to maintaining an organization’s threat posture. Being a part of Carbon Black’s Integration Network and leveraging their API makes it easy for JupiterOne Customers to collect endpoint information from Carbon Black, including how the security agent is configured, and correlate it with the rest of the organization’s infrastructure. By mapping the vulnerable endpoints and the rest of the resources a user can access across your infrastructure, JupiterOne with Carbon Black enables a better understanding of the significance of threats,” said Erkang Zheng, General Manager at JupiterOne.

“Enterprises are facing a security visibility issue; they are struggling to keep up with the proliferation of devices across cloud, mobile and IoT. We believe the integration between Panaseer’s Continuous Controls Monitoring platform and Carbon Black’s rich datasets, through its extensive open APIs, provides enterprises with an unparalleled view. It allows customers to validate Carbon Black has been installed across all devices and identify any coverage gaps. Through Panaseer’s remediation campaign tracking they can also monitor the progress and current status of any required corrective actions,” said Charaka Goonatilake, Chief Technology Officer at Panaseer.

“The openness of Carbon Black and the quality of the data it provides allows to automate effective responses with unprecedented confidence.  Pliant’s workflow automation visually abstracts code from process allowing users to quickly create very sophisticated and robust workflows across multiple domains or silos responding to immediately to threats uncovered by Carbon Black,” said Vess Bakalov, Chief Executive Officer at


Carbon Black Developer Portal

Carbon Black on GitHub

CB Predictive Security Cloud

Carbon Black Integration Network

Become a Partner

About Carbon Black

Carbon Black (NASDAQ: CBLK) is a leader in cloud endpoint protection dedicated to keeping the world safe from cyberattacks. The CB Predictive Security Cloud® (PSC) consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.

More than 5,300 global customers, including 35 of the Fortune 100, trust Carbon Black to protect their organizations from cyberattacks. The company’s partner ecosystem features more than 500 MSSPs, VARs, distributors and technology integrations, as well as many of the world’s leading IR firms, who use Carbon Black’s technology in more than 500 breach investigations per year.

Carbon Black and the CB Predictive Security Cloud are registered trademarks or trademarks of Carbon Black, Inc. in the United States and/or other jurisdictions.