Corvil and Carbon Black provide accelerated threat detection

First Published 14th September 2016

Corvil's Security Analytics integrates with Cb Response, helping to detect malicious activity in real time and to track and disable attacks.

Dublin, Ireland - Corvil, the provider of real-time data analytics, has partnered with Carbon Black, provider of Endpoint Security (NGES), to provide customers with unified cyber-threat detection, analysis, and response to thwart cyber attacks.

The combined solution enables security teams to track and correlate activity across their networks and endpoints, helping to accelerate detection and response times and streamline forensic investigations.

The integration also enables customers to prioritize alerts, reducing the overhead from false positives and manual investigations. By correlating malicious traffic and cross-device user activity with originating processes and specific files accessed, both in real-time and retrospectively, security teams can identify and investigate threats.

Customers will be able to track both Indicators of Compromise (IoCs) and Patterns of Attack (PoAs) seen across the network and endpoints.

By correlating Carbon Black's endpoint data with Corvil's full-fidelity, retrospective packet capture, the unified solution enables security teams to answer critical questions such as:

  • "How long have the attackers been in our network?"
  • "What sensitive data and credentials have been exfiltrated?"
  • "Which command-and-control servers are communicating with our compromised systems?"
  • "Which mobile and uninstrumented hosts are accessing which resources?"