Posts

Bit9+Carbon Black and FL based Sylint Group partner to provide global cybersecurity services

WALTHAM, Mass.— Bit9, the leader in advanced threat protection for endpoints and servers, today announced the Bit9 Connect Alliance Partner Program. The program integrates the leading endpoint and server security solution from Bit9 + Carbon Black with top network security, analytics and SIEM, threat intelligence and security service provider solutions so organizations can choose best-of-breed solutions from different vendors to create a unified defense against cyber threats.

Companies participating in the program represent the best of the best in their respective segments of security. The end result is enterprises that deploy the Bit9 Security Platform with any or all of the alliance partners’ offerings will strengthen their security posture, decrease their total costs of ownership, achieve faster deployment times, and gain increased value from their integrated solutions. Participating vendors’ solutions are certified to fully integrate with the Bit9 platform.

The new program, which is being introduced a week following Bit9’s merger with Carbon Black, covers the complete security ecosystem, including:

  • Network Security–Bit9 and Carbon Black partner with vendors in the network security space to enable customers to correlate their network data with their endpoint and server data. As network security solutions detect malware on the network, Bit9 and Carbon Black consume the network alerts and automatically determine where the malware landed, if it executed, and how many machines were affected. This instant visibility enables security analysts to filter out non-actionable events, prioritize high-impact alerts, and rapidly respond to security incidents. Likewise, when Bit9 detects unknown or suspicious executable files on endpoints and servers, it can send the file to a detonation engine for analysis. If a risk analysis determines that the file is malicious, Bit9 can automatically ban it from spreading to other endpoints or servers within a customer’s environment. Certified network security solutions include Check Point Next Generation FirewallGeneral Dynamics Fidelis Cybersecurity SolutionsFireEye EXFireEye NX, and Palo Alto Networks Next-Generation Firewall.
  • Analytics and SIEM—Bit9 works with vendors in the data analytics and security information and event management (SIEM) space to enable customers to view all of their security information from one centralized data repository. Bit9 offers standards-based and proprietary integrations with leaders in this space so security analysts can view endpoint and server events alongside other security information. Certified analytics and SIEM solutions in the program include HP ArcSightIBM QRadarLogRhythm, and RSA NetWitness.
  • Threat Intelligence—Bit9 partners with threat intelligence vendors to bolster the power of the Bit9 Software Reputation Service (SRS). The Bit9 SRS is a cloud-based intelligence database that provides insight into known-good, known-bad and unproven software, giving IT and security teams actionable intelligence about the software installed within their enterprise. Our threat intelligence partners provide valuable feeds so Bit9 can provide customers with the most accurate and up-to-date software reputation data. Bit9’s threat intelligence partners include OPSWAT and Team Cymru. Bit9 will announce additional threat intelligence partners later this quarter.
  • Security Service Providers—Bit9 partners with managed security service providers (MSSP) to fully empower security analysts to detect, respond and remediate advanced threats that target their customers. Bit9 also works closely with incident response (IR) consulting firms to help clients gain immediate access to the Bit9 + Carbon Black solution to aid in remediation efforts. As IR teams identify the malicious files used to execute an attack, Bit9 can identify each endpoint and server on which the malware has landed. This immediate visibility enables IR teams to rapidly contain attacks and accelerate remediation. Certified security service provider partners in the Bit9 Connect program include AccuvantFishNet Security and Sylint.

Bit9 Executive Quote: Tom Barsi, vice president of business development
“Legacy security systems do not solve the problem for today’s advanced threats. Customers are defending themselves against advanced threats with a completely new approach across their security stack. I’m excited to announce that today, Bit9 is taking a step forward to create a holistic ecosystem of security partners that helps close the security gap and provides a 360-degree view of advanced threat security.”

Palo Alto Networks Executive Quote: Scott Gainey, vice president of marketing and programs
“Bit9 is setting the pace for Endpoint Threat Detection, Response and Prevention solutions. Since our partnership began in 2013, we have been consistently impressed with Bit9’s execution, and our customers have demonstrated strong interest in our integrated network and endpoint security offerings. The Bit9 Connect Program will only deliver further value as customers continue to build out next-generation security infrastructures.”

IBM QRadar Executive Quote: Jason Corbin, director of security intelligence strategy and product management
“With today’s increasingly complex threats, more network context helps security teams detect attacks and remediate breaches faster. The Bit9 Security Platform provides the QRadar Security Intelligence solution with in-depth visibility around endpoint security. Our joint solution identifies where files originate, any propagation to other machines, and whether they’re executable, malicious or involved in a current attack. We’re excited about Bit9 adding more intelligence and visibility around security threats such as malware and zero-day attacks to QRadar’s leading analytical capabilities.”

Sylint Executive Quote: Serge Jorgensen, chief technology officer
“The Bit9 team and product suite bring a strong new set of capabilities to any incident response toolkit. Bit9’s technology consistently increases the accuracy, speed and efficiency of our incident response process by precisely identifying key files and machines and allowing a more effective triage and mitigation.”

About Sylint

Formed in 1998, our firm has developed a national reputation as a leader in its field. We serve clients from Fortune 50 to small firms and municipalities. Our professionals combine experience from National Intelligence Agencies, Department of Defense, law enforcement, and corporate entities Sylint provides comprehensive cyber security and investigative services to keep our clients secure in a cost efficient manner. Our services include detection and remediation of corporate espionage, fraud identification, cyber security posture review, and regulatory compliance.

About Bit9 + Carbon Black

Bit9 and Carbon Black have joined together to offer the industry’s most complete solution for advanced threat protection for endpoints and servers. The merged company helps organizations protect themselves from advanced threats in two critical ways: by reducing their attack surface through new signature-less forms of prevention, and rapidly detecting and responding to threats. We do this by leveraging the powerful combination of Carbon Black’s lightweight endpoint sensor, which can be rapidly deployed with no configuration to deliver “incident response in seconds,” and Bit9’s industry-leading prevention technologies to continuously monitor and record all activity on endpoints and servers and stop cyber threats that evade traditional security defenses. Our lightweight real-time sensor and recorder, cloud-based services, and real-time enforcement engine give organizations immediate visibility into everything running on their endpoints and servers; real-time signature-less detection of and protection against advanced threats; a recorded history of all endpoint and server activity to rapidly respond to alerts and incidents; and real-time integration with network security devices such as Check Point, FireEye and Palo Alto Networks. 1,000 organizations worldwide—from 25 Fortune 100 companies to small businesses—use Bit9 and Carbon Black to increase security, reduce operational costs and improve compliance.

The Cyber Attacks are coming, the Cyber Attacks are coming!

If you Google the words “cyber attacks” you will get 164 million results. So where is our government on defending you and me against this growing peril? According to experts like John Jorgenson, CEO and founding partner of  the Sylint Group, our government is woefully behind the times in capability and capacity to deal with the threat of cyber attacks let alone the cyber warfare being conducted on a global scale by nation states such as China, Russia, North Korea and Iran.

Today the cry across America is the cyber attacks are coming, the cyber attacks are coming! But no one is taking action. No one that is except those few who, like Jorgenson, truly understand the catastrophic nature of the threat.

The most recent cyber attack was against our federal court system. Politico’s Tony Romm reports, “Unidentified hackers took aim at the federal court system Friday [January 24, 2014], blocking access to its public website while preventing lawyers and litigants from filing legal documents online. The incident affected uscourts.gov the federal court’s public hub, as well as most if not all federal court sites — not to mention the federal court system’s electronic filing system and its access page, PACER, a spokesman for the Administrative Office of the U.S. Courts said Friday.” The site remained down when this column was posted.

john jorgenson

John Jorgensen, CEO and a founding partner of the Sylint Group.

Jorgenson notes, “Since President Obama created a White House ‘cyber czar‘ position in 2009 there have been six appointed and then leave the position. The reason is a lack of support and funding for the program.”

In an email Jorgenson states, “The Cyber Czar count is difficult to do because of the people who temporarily held the post and the ‘Cyber Czar’ post being identified with the Obama Administration and DHS both. It is not easy to find the names of those who resigned. The press makes it out that there has been only one Cyber Czar under Obama, Schmidt. You have to really search to find the others.” The players since President Obama first took office are:

  • Rod Beckstrom – Resigned/Replaced, White House
  • Melissa Hathaway – Resigned. Hathaway was said to have been temporary, White House. But was she temporary because she resigned so quickly after making negative comments about the administration?
  • Howard Schmidt – Retired (Stated at RSA, 2010 or 2011, that there is no Cyber Warfare), White House.
  • Unknown – There was talk of a woman who took Schmidt’s place but soon resigned and Schmidt stayed on, White House.
  • Mark Weatherford – DHS / resigned.
  • Bruce McConnell – DHS / Temporary.
  • Michael Daniel – Current, White House.

“At issue is that a post as important as this, has had enormous turnover and turmoil, and we are only five years into the administration ‘leadership’. Nothing of substance to protect commercial industry, the countries infrastructure, or the citizen has come out of the White House. From the attacks being made on the United States on the Cyber Battlefield our advisories are taking Cyber Warfare seriously while we can’t find a credible Field Marshall let alone decide what needs to be done,” notes Jorgenson.

John Kelly from HowStuffWorks.com wrote, “In 2009, U.S. Defense Secretary Robert Gates declared that the U.S. ‘is under cyber-attack virtually all the time, every day’ [source: Farrell]. He wasn’t joking. That year, computer spies gained access to files about the Pentagon’s $300 billion Joint Strike Fighter project, intruders breached the Air Force’s air-traffic-control system, Chinese hackers penetrated computers at Google, and Russian cyber-thieves stole tens of millions of dollars from Citibank.”

On June 23, 2009, the Secretary of Defense directed the Commander of U.S. Strategic Command to establish a sub-unified command, United States Cyber Command (USCYBERCOM). Full Operational Capability (FOC) was achieved Oct. 31, 2010. The command is located at Fort Meade, Maryland.

NextGov.com reports, “In the 2014 National Defense Authorization Act passed by House lawmakers last week, Congress required the Defense Department appoint a high level Principal Cyber Advisor with a broad oversight portfolio that includes offensive and defensive cyber missions, resources, personnel, acquisition and technology. A Senate vote on the bill is expected this week. The new cyber advisor will have ‘overall supervision’ of all Defense cyber operations and will oversee a team that will integrate the cyber expertise of the four services, combatant commands and Defense agencies.”

Jorgenson believes that “major government systems have been compromised, including the US electrical grid.” Jorgenson stated that other systems such as health care, hospitals and our food supply systems are targets of cyber attacks. These attacks are dangerous because according to Jorgenson, “they place malware on corporate and government computer systems with the intent of controlling manufacturing, distribution and information system processes.”

The danger is real, clear and present. However, it appears the federal government and Congress is less concerned with the threat as it is with making political points over the dysfunctional HeathCare.gov website. Which by the way has been compromised!