Carbon Black Updates Application Control Tool To Delete Malicious Files
Carbon Black will roll out an updated version of its application control offering that enhances compliance by allowing users to delete malicious files.
The Waltham, Mass.-based endpoint security vendor said the 'file delete' feature on Cb Protection 8.1 will allow it to meet the Payment Card Industry Data Security Standard (PCI DSS) without forcing users to also obtain a legacy anti-virus offering, according to Chief Product Officer Ryan Polk.
"This is the next step, the next evolution of our capabilities," Polk told CRN exclusively.
Cb Protection 8.1 has visibility into all files on an endpoint across an environment, according to Principal Product Manager Tim Smith. As a result, Smith said the tool can go into the console, select a file, and request that it be deleted from all applicable endpoints.
Carbon Black's reputation service indicates to the company whether or not a file is a threat without any manual action required, Smith said. As a result, Smith said the company is able to automatically delete a file should it detect certain things happening in an environment.
Prior to Protection 8.1, Carbon Black would in essence quarantine malicious files by making it so that the executable couldn't execute, said Smith. But PCI DSS requires that products take direct action to delete malicious files, according to Smith.
File deletion capabilities are typical in anti-virus tools but not application control offerings, which Polk said should give Carbon Black an edge in the market. Cb Protection 8.1 also add two-factor authentication to the console, which Smith said is another capability required by PCI DSS.
The latest version of Cb Protection also support FIPS-140, which Smith said was a major priority for Carbon Black's federal customers. Version 8.1 achieved FIPS compliance by building in features that address back-end capabilities as well as the handling of encrypted data inside the endpoint.
Cb Protection 8.1 will be available Aug. 30, Smith said, and pricing will remain unchanged from the 8.0 version. The company said it doesn't publicly disclose the price of the product.
Upgrading from Cb Protection 8.0 to Cb Protection 8.1 is relatively seamless, Polk said, requiring only the running of an executable on the server which in turn provides the automated capability to upgrade the endpoint software across the suite.