Content, Channel partners, Security Program Controls/Technologies, Endpoint/Device Security, Security Operations

Exabeam, Carbon Black Integrate SIEM, Endpoint Security

Credit: Pixabay

Exabeam has integrated its security information and event management (SIEM) platform with the Carbon Black Cb Response threat hunting product.

The integration with Cb Response empowers analysts and security operations center (SOC) staff to detect advanced cyber threats, according to a prepared statement. In addition, Exabeam users can leverage the integration to trigger automated incident response of detected threats via the Carbon Black application programming interface (API).

With the SIP-Cb Response integration, an alert triggered in Cb Response can be used within SIP to create baseline behaviors and identify anomalous sessions, as well as trigger an incident response playbook. This drives rapid incident investigation and containment, Exabeam indicated.

The integration also enables analysts and SOC staff to combine Carbon Black endpoint security data with third-party data from various security solutions, virtual private networks (VPNs) and other sources, Exabeam noted. By doing so, security analysts and SOC staff can use the integration to simultaneously improve their threat detection and lower their incident response time.

Exabeam and Carbon Black: Here's What You Need to Know

Exabeam offers SIP (Security Intelligence Platform), which provides end-to-end threat detection, analytics and response capabilities from a single security management and operations platform. SIP is used to monitor over 4 million employees worldwide, according to the company.

Exabeam's billings grew 205 percent year over year in the first quarter of 2018. The company also reported its channel-generated bookings grew over 150 percent in comparison to Q1 2017, and 89 percent of Exabeam customers have purchased multiple products from the company.

Carbon Black, now a publicly traded company, offers endpoint security products to over 3,700 customers globally. The company's offerings can be deployed via the cloud, on-premise or as a managed service. The platform supports application control, endpoint detection and response (EDR) and next-generation antivirus (NGAV) capabilities.

Carbon Black primarily sells its products through a channel go-to-market model. Furthermore, 94 percent of the company's new and add-on business was closed in collaboration with its channel partners in the final three months of 2017, the company indicated.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.