Confer is a lesser known advanced endpoint protection vendor. It provides a behavior-based method of threat detection.
There is no shortage of "next generation" behavior-based threat detection products, such as:
- Palo Alto Networks Traps (cyvera)
- SentinelOne
- CrowdStrike Falcon
This behavior based approach seems to be consistent the current company's post-carbon black acquisition emphasis on behavior. While there is no doubt the company should add fully integrated threat identification and prevention, new questions are raised:- Will this be integrated into existing products? Or will this become yet another agent and another siloed management system?
- Given the bit9 heritage, would not a static detection method be a better strategy? (This is how Cylance operates, for example.) Why double-down on behavior?
It will be interesting to see how this acquisition matures.
2.5 years following Bit9's acquisition of Carbon Black, integration between the two products remains tenuous. Separate agents and administration is still required. Hopefully lessons have been learned, some economy of scale is achieved, and full portfolio customers are not expected to install and manage three agents & consoles.
Then again, "Bit9 + Carbon Black + Confer" has a nice ring to it...
Source:
Carbon Black: https://www.carbonblack.com/2016/07/19/carbon-black-redefines-ngav-market-confer-acquisition/
No comments:
Post a Comment
Share your thoughts.