Network and perimeter-based security remainsa crucial pillar of enterpriseresilience, but with the rise of new computing models like thecloudand mobile, more emphasis is being placed on protecting endpoints than ever before. And with business processes and communications increasingly take place outside of traditional firewall boundaries, vendorslike Carbon Black and CrowdStrike are focused on protectingthesepotential cyber attack entry points wherever they may be, inside or outside the perimeter network.
In a recent report comparing various endpoint cybersecurity solutions, Gartner cited endpoint detection and response (EDR) as being integral to a firm's ideal overall endpoint security strategy, a modelit refers to as an Adaptive Protection Architecture. This security frameworkcovers preventive, detective, retrospective and predictive measures for maintaining competent security.
EDR solutions providethe first two―preventative and detective measures―by analyzing endpoints for suspicious changes and activity. For example, both Carbon Black and CrowdStrike provide antivirus and malware protection as a first line of defense again security compromises.
Carbon BlackPreviously known as Bit9 + Carbon Black, Carbon Black more or less came into its own after merging with Bit9 in 2014. This merger enabled itto combine competencies in endpoint threat preventionwith endpoint threat detection and response fordelivering so-called "n ext-generation endpoint security." This investment has clearly paid off―a ccording to a recent IDC report, Carbon Black has 37 percent market share in the endpoint protection space.
The Carbon BlackUI. Source: carbonblack.com.
CrowdStrike
CrowdStrike is another leader in the next-generation endpoint protection space. Founded by McAfee's former CTO, the firm focuses on endpoint security, threat intelligence, and incident response. The company was recently called in to handle the DNC breach , andhas been hiredto investigatemany recent high-profile data breaches.
The CrowdStrike Falcon UI. Source: crowdstrike.com.
Side-by-Side Scoring: Carbon Blackvs.CrowdStrike
1. Capability Set
CrowdStrike's Falcon platform utilizes antivirus/antimalware, threat response, anomaly detectionand more to provide comprehensive endpoint monitoring and protection. Similarly, Carbon Black's endpoint security platform combines antivirus/antimalware, incident response, and threat management features into a single pane of glassweb console.
Carbon BlackCrowdStrike
2. Ease of Use
CrowdStrike's web-based management console has all the trappings of your typical SaaS offering, making itat once familiar and easy to use. Carbon Black's updated web interface also make itsplatform easy to get up to speed with; that said, both can feel unwieldy due to the volume ofinformation presented in each front-end.
Carbon BlackCrowdStrike
3. Community Support
Carbon Black has made a variety of community support resources available, including its User eXchange community portal and community wiki on GitHub. CrowdStrike also provides a GitHub page as well as a set of free community tools for scanning for specificvulnerabilities and other security functions.
Carbon BlackCrowdStrike
4. Release Rate
Currently on version 5, Carbon Black has not made its release history immediately available on the company'swebsite―s uffice to say, its offering has undergone significant transformations over the years, especially with the Bit9 merger: Cb Protection's comprehensive endpoint protection is in fact Bit9, while Cb Response is Carbon Black's real-time endpoint detection and response solution. Similarly, CrowdStrike's release history is not available on the website―the platform is currently on version 2.
Carbon BlackCrowdStrike
5. Pricing and Support
Though pricing is not publicly available,Carbon Black implementations for medium-sized infrastructures can run in the tens of thousands. Similarly, CrowdStrike's solution for complete endpoint protection―including its cloud and intelligence platforms―iscertainly out of reach for organizations with modest security budgets.
Both vendors offer standard options for paid-for phone and email support, as well as professional services and custom offerings likeincident response and remediation services.
Carbon