Carbon Black is introducing at RSA Conference 2017 next week a new way for its gear to detect attacks that don’t make their way into networks via viruses or malicious files that other endpoint security software can detect.
Called Streaming Prevention, the technology can find both malware and non-malware attacks by analyzing endpoint activities in the context of the sequences in which they unfold.
It does this by having endpoint agents tag events as they occur and streaming them to Carbon Black’s analysis engine in the cloud. There the engine determines whether it falls in a sequence of events that add up to an attack and tells the endpoint to block activity that is deemed malicious.
Source: NW Security 1