Dublin, Ireland - Corvil, the provider of real-time data analytics, has partnered with Carbon Black, provider of Endpoint Security (NGES), to provide customers with unified cyber-threat detection, analysis, and response to thwart cyber attacks.
The combined solution enables security teams to track and correlate activity across their networks and endpoints helping to accelerate detection and response times and streamline forensic investigations.
The integration also enables customers to prioritize alerts, reducing the overhead from false positives and manual investigations. By correlating malicious traffic and cross-device user activity with originating processes and specific files accessed, both in real-time and retrospectively, security teams can identify and investigate threats.
Customers will have the ability to track both Indicators of Compromise (IoCs), and Patterns of Attack (PoAs) seen across the network and endpoints.
By correlating Carbon Black's endpoint data with Corvil's full-fidelity, retrospective packet capture, the unified solution enables security teams to answer critical questions such as:
- "How long have the attackers been in our network?"
- "What sensitive data and credentials have been exfiltrated?"
- "Which command-and-control servers are communicating with our compromised systems?"
- "Which mobile and uninstrumented hosts are accessing which resources?"