Carbon Black's purchase of Confer shows EDR is the winning approach to cyber security

Written By

Lior Div

I was happy to read today’s news about Carbon Black purchasing Confer. This acquisition, along with Cisco’s acquisition of CloudLock earlier this month, shows the strength of Boston’s cyber-security community. Massachusetts is clearly becoming the cyber-security capital of the U.S., and I am proud to have Cybereason’s headquarters in Boston.

The acquisition proves that the endpoint detection and response (EDR) market is maturing. A few years ago antivirus software was seen as the most effective tool for keeping a company safe from attackers. But as we’ve seen with the rash of breaches in recent years, prevention is far from sufficient at keeping companies safe.

Now businesses as well as security vendors realize the importance of detection and response and realize the critical role endpoints play in delivering these capabilities. You’re seeing enterprises boost their endpoint security budgets to include EDR capabilities and vendors acquire endpoint companies in an effort to beef up their products and offer a more complete suite of prevention, detection and response solutions.

The Confer acquisition demonstrates the value of analytics. It shows that endpoint visibility is important, but only as a mean to end to acquire data and apply analytics to spot bad activity.

This merger clearly establishes four players in the EDR market: Crowdstrike, Carbon Black, Cylance and Cybereason.

How do we win in this market? We are the only EDR player that does not look at one endpoint at a time and run analytics on the individual endpoint. While running analytics on an individual machine can effectively detect of some types of malware, it has proven ineffective at spotting advanced hacker activities such as fileless malware attacks or detecting activity that involves a few machines like lateral movement. It is an exciting time to be in cyber security. The opportunities are huge, and we are finally changing the odds in the favor the defenders.

Lior Div is the CEO of Cybereason.
Lior Div
About the Author

Lior Div

Lior Div, CEO and co-founder of Cybereason, began his career and later served as a Commander in the famed Unit 8200. His team conducted nation-state offensive operations with a 100% success rate for penetration of targets. He is a renowned expert in hacking operations, forensics, reverse engineering, malware analysis, cryptography and evasion. Lior has a very unique perspective on the most advanced attack techniques and how to leverage that knowledge to gain an advantage over the adversary. This perspective was key to developing an operation-centric approach to defending against the most advanced attacks and represents the direction security operations must take to ensure a future-ready defense posture.

All Posts by Lior Div

Related Posts

How Black History Icon Bessie Coleman Exemplifies Our Core Values

How Black History Icon Bessie Coleman Exemplifies Our Core Values

Customer Success Manager Michelle Winters discusses her favorite Black History icon, Bessie Coleman, and how this world-changing leader reflects our Core Values: Daring, UbU, Never Give Up, Ever Evolving, Win As One...

Everything Cybereason at the Black Hat 2022 Conference!

Everything Cybereason at the Black Hat 2022 Conference!

The Cybereason Team is excited to be part of Black Hat 2022, both virtually and in-person on August 10th and 11th! Be sure to stop by the Cybereason booth #1820 to get a custom printed Cybereason hoodie, a collectible Malicious Life Podcast tee shirt, enjoy deep-dive in-booth theater presentations, demos and more...

Recent Posts

Malicious Life Podcast: The Y2K Bug Pt. 2
Malicious Life Podcast: The Y2K Bug Pt. 1
Cybereason’s evolution to disrupt beyond SIEM and XDR market

Categories

All Posts