Bit9 moves to spot lurking threats with Carbon Black 5.0

Bit9 has launched Carbon Black 5.0, an attack detection and mitigation tool which the firm claims will allow enterprises to detect, track and defend against next-generation cyber threats.

Carbon Black 5.0 is an upgraded version of the firm's endpoint threat detection service that adds a number of new powers.

Key additions include a combined continuous endpoint recording feature that integrates with Carbon Black's live incident response capabilities.

Brian Hazzard, vice president of product management at Bit9, said that the combination of technologies radically increases the speed at which enterprise customers can detect and react to threats.

"Now responders, through one solution and console, can understand the entire attack kill chain, customise their detection, hunt for threats, isolate impacted endpoints, terminate attacks and remediate threats at the moment of compromise," he said.

"No other single solution can deliver the complete value of a continuous recorder and live response capabilities to enterprises, information retrieval companies and managed security service providers."

Other features of Carbon Black 5.0 include advanced key performance indicator dashboards, "enriched" threat intelligence and prioritisation tracking.

The dashboards measure and chart dwell time, while the enhanced intelligence is designed to let firms monitor and investigate suspicious activity. It can reportedly spot events like files executing from the recycle bin, ransomware and backdoor installations.

The prioritisation and tracking service lets IT managers rate threat severity and customise the response.

Charles Kolodgy, research vice president of secure products at IDC, expects Carbon Black 5.0 to fill a gap in the security market.

"The endpoint security market is crowded with vendors that offer detection and analysis or containment and eradication capabilities," he said.

"What is missing is a combination of continuous recording of the endpoint state, malicious activity discovery, attack termination by killing processes, and immediate remediation. Carbon Black 5.0 is offering this combination."

Carbon Black 5.0's release comes during a turbulent period in the security industry. Researchers reported spotting a bug in numerous Linux systems, including Red Hat and Ubuntu, codenamed Ghost earlier in January.

Researchers also spotted evolved versions of the kjw0rm and Sir DoOoM malware being developed on a bogus computer enthusiast site.

The UK and US governments announced plans on 19 January to develop and share defence intelligence and technologies to mitigate cyber threats.