VMware Carbon Black

VMware Carbon Black and Cigent Endpoint Security Solution

Extend VMware Carbon Black Cloud Endpoint Standard Protections to Windows 10 Sensitive File Access

Executive Summary

Cigent’s Dynamic Data Defense Engine for Windows 10 (D3E) ingests threat intelligence and security events from VMware Carbon Black Cloud Endpoint Standard and, when the threat level is elevated, dynamically locks access to sensitive files and Cigent Secure Drives with step-up authentication.

There is a gaping hole in endpoint cybersecurity. When an endpoint is compromised by malware, hacker ingenuity, stolen credentials, or device theft/loss, there is no way to protect sensitive personal and corporate data. Full disk encryption protects data at rest but is not effective when the user is logged in.

Cigent has joined the VMware Carbon Black technology alliance partner program to prevent the financial and reputational loss due to advanced cyberattacks by helping organizations secure their sensitive files, even in the event of a breach.

Joint Solution Description

The Cigent D3E integration with VMware Carbon Black Cloud Endpoint Standard provides a highly effective automated response mechanism to threats detected on Windows 10 endpoints. The D3E cloud-based management console ingests security events from the VMware Carbon Black Cloud console and triggers Active Lock on the local device through the D3E Windows client. Active Lock protects individual files by requiring step-up authentication until the threat is cleared. This integration ensures sensitive files are protected during periods of elevated risk.

VMware Carbon Black Cloud also integrates with Dell SafeBIOS, which verifies that Dell BIOS firmware has not been tampered with.  With VMware Carbon Black Cloud Audit and Remediation, if an analyst finds the BIOS has been tampered with, they can remotely engage D3E Active Lock to protect Secure Drives from being accessed below-the-OS, where BIOS level attacks reside.

Cigent Solutions: Cigent D3E, Cigent Secure Drive

Zero-Trust Access Controls

D3E adds simple step-up authentication for access to sensitive files as well as Cigent Secure Drive. Verification that the trusted user is accessing files protects against data theft, ransomware, and insider theft. Files and folders can be configured to require step-up auth for access when threats are detected by Active Lock.

Cigent Secure Drive

When a system has Cigent DataSafe Storage or a TCG Opal 2.0 SSD, Secure Drive can be created to store sensitive files. Secure Drive is hidden from the entire PC unless and until the trusted user enables it. When a threat is detected, the O/S locks, or the PC shuts down, Secure Drive is hidden. The only way to unlock Secure Drive is with MFA using D3E installed on the machine which created Secure Drive. It uses firmware security to protect against the vast majority of endpoint threat vectors including below-the-OS attacks such as kernel and hypervisor attacks, chip implants, boot/rootkits, and firmware/BIOS malware, as well as credential compromise, software vulnerabilities, etc.

Active Lock Threat Response

Active Lock integrates with VMware Carbon Black Cloud to monitor attacks on PCs. When a threat is detected, Active Lock protects designated files and Cigent Secure Drives, requiring step-up authentication for access, until the threat is cleared. There are many options for step-up authentication from facial recognition and PIN to push notifications.

VMware Carbon Black Solutions: VMware Carbon Black Cloud Endpoint Standard

VMware Carbon Black Cloud Endpoint Standard

VMware Carbon Black Cloud Endpoint Standard uses heuristics, machine learning and behavioral EDR to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems.

Joint Integration Diagram

Cigent High-Level Architecture

Resources

Cigent D3E 

Cigent DataSafe Storage

VMware Carbon Black

Dell

Contact us

For more information or to speak with someone about the Cigent + VMware Carbon Black integration, please contact us.

THANK YOU!
Your submission has been received. We'll be in touch shortly.
Oops! Something went wrong while submitting the form.

About Cigent

Cigent Technology keeps the most valuable asset on your endpoint safe—your data. Our cybersecurity solutions are built by an elite team, with backgrounds in intelligence, ethical hacking to help public and private entities protect themselves, and data storage, including development, erasure, and advanced recovery. As a result,our solutions beat hackers at their own game, and keep your data safe.