
Carbon Black’s CB Defense Recognized by Ovum as a Key Technology to Replace Legacy Antivirus

Report states CB Defense provides effective protection against malware and file-less attacks in the cloud 

Reading, UK. – 5th September 2017 — Carbon Black, a leader in next-generation endpoint security, today announced a new, independent report from analyst firm Ovum recognizing CB Defense, the company’s next-generation antivirus (NGAV) solution, as a compelling option for any Endpoint Protection Platform (EPP) project to replace legacy antivirus.

The report, On the Radar: Carbon Black defends against malware and file-less attacks, outlines how threat actors are increasingly moving to circumvent anti-malware systems by compromising legitimate on-device tools, resulting in a growing need for technology that can address malware, file-less attacks, and in-memory attacks. The report states: “Carbon Black’s CB Defense addresses this requirement and is well positioned to grow its market share as a result.”

“Carbon Black makes no bones about the fact that it is seeking to replace both legacy incumbent products and the other next-generation newcomers in the world of EPP,” wrote Rik Turner, Principal Ovum Analyst. “CB Defense uses a lightweight agent on the endpoint, requiring no more than 1% or 2% of the power of the local processor to look at events, enforce prevention, and send data up to the system’s cloud-based brain. Static and dynamic analysis is performed on the endpoint and in the cloud. This stance differentiates Carbon Black from many of its competitors, which focus on static analysis.”

CB Defense is a cloud-based NGAV solution for desktops, laptops, and servers that combines advanced prevention of malware and attacks with detection and response capabilities. The Ovum report recommends that enterprises put CB Defense on their radar because, instead of relying on signatures, Carbon Black combines static and dynamic analysis to detect malicious code and attack streams. The report describes Carbon Black’s approach “to file-less attacks, [which] relies on a continual risk profile assessment to determine whether a legitimate tool is being misused and, if necessary, block it. The system’s heavy lifting is all in the cloud, with a lightweight agent on the endpoint that looks at events and applies prevention.”

The report also highlighted:

• CB Defense is an EPP that combines next-generation antivirus (NGAV) and endpoint detection and response (EDR) to detect, prevent, and respond to both malware and file-less attacks.

• For blocking attacks, Carbon Black has developed a breakthrough technology: streaming prevention. This approach leverages event-stream processing to update a risk profile upon which it makes security decisions.

• Streaming prevention addresses attacks that leverage native operating system tools, such as PowerShell and Windows Management Instrumentation (WMI), as well as malware-based attacks.

The report homes in on Carbon Black’s streaming prevention technology and how CB Defense leverages it to address both malware and non-malware attacks. Streaming prevention is based on event-stream processing, a technology that underpins algorithmic day-trading and fraud detection. It continuously updates a risk profile based on a steady stream of computer activity, and when attack patterns are detected, the attack is blocked.

This new report comes on the back of CB Defense being recognized last month with an overall five-star rating by SC Media, the highest possible rating. Additionally, CB Defense was recently named Best Advanced Persistent Threat (APT) Solution at the SC Magazine Awards Europe 2017 and won a 2017 Edison Award for innovation in cybersecurity.

About Carbon Black

Carbon Black is a leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, CB Defense, leverages breakthrough prevention technology, streaming prevention, to instantly see and stop cyberattacks before they execute. CB Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 9 million endpoints under management, Carbon Black has more than 3,000 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.