Carbon Black, the leader in next-generation endpoint security, announced the release of Cb Protection 8.0, the only application control solution on the market toautomate lockdown of data centre servers .
Cb Protection is deployed on 4 million computers worldwide, including at leading Fortune 500 organisations. Customers use Cb Protection to lockdown servers and critical systems to stop all forms of cyberattacks including malware, ransomware, zero-day attacks and non-malware attacks.
Cb Protection was the only security solution to earn 100 percent protection efficacy in NSS Labs’ Advanced Endpoint Protection test.
Cb Protection 8.0 features “Rapid Configs,” which enable the highest form of server protection quicker and more effectively than ever before. These out-of-the-box and cloud-delivered protection rules simplify configuration of application control policies and optimise protection against attacks targeting servers.
Some of the Rapid Configs included with Cb Protection 8.0 are: OS Hardening, Browser Protection, and MS Office Protection. These configurations can be delivered from the cloud, so as Carbon Black receives feedback from customers, we can rapidly develop and deliver. With “Rapid Configs,” users experience fast time to value while establishing and maintaining the highest form of lockdown security available.
“‘Rapid Configs’ dramatically simplifies configuration for users and eases day-to-day management,” said Michael Viscuso, Carbon Black’s co-founder and CTO. Now, customers can experience superior protection for data centre servers without the additional effort traditionally associated with application control solutions.”
Cb Protection 8.0 includes a few, additional product enhancements:
Improved protection against non-malware attacks
Enhanced PowerShell and Script Protection: Cb Protection 8.0 features more granular control of policies through command-line arguments. With the increase in attacks leveraging frameworks such as PowerShell, Cb Protection empowers administrators to specifically control command-line usage in the data centre as a measure to harden servers.
This feature means administrators have continuous access to the benefits of command-line tools while also being protected against attacks attempting to exploit them.
Streamlined management at scale
Unified management, rapid rendering and API improvements: Cb Protection 8.0 features a new, modern UI and the ability to manage all servers from a single console, regardless of deployment location. Unified Management allows customers to keep “local” data “local” in order to meet compliance requirements. Rapid rendering dynamically displays content to users when it’s available, dramatically improving UI response times.
Role-based access control: New controls restrict which users can make changes to specific device groups or policy changes to specific servers. These controls also provide better visibility to mitigate insider threats by limiting access to specific, trusted users.
“Servers are under attack and are among the most breached assets,” said Viscuso. “Traditional defenses, such as antivirus, are ineffective at stopping advanced attacks against servers. Cb Protection provides the strongest form of lockdown security for servers with minimal impact to systems.”
Cb Protection empowers security teams to:
Lockdown servers: Cb Protection combines application control, file integrity monitoring and memory protection for the strongest form of server lockdown. Cb Protection enables security teams to control files and applications, monitor activity, prevent all unauthorised change, and harden servers.
Achieve continuous compliance: Cb Protection enables security teams to maintain continuous regulatory compliance with security controls required by regulatory bodies. The result is minimised compliance risk and full audit trails of all changes.
Simplify server administration: Cb Protection simplifies administrative tasks commonly required for servers, including configuration management and emergency patching. Additional automation, preconfigured protection templates and policy-driven configuration offer faster time-to-value and low system-resource impact.