Bit9 + Carbon Black Connect Alliance Partners

The Bit9 + Carbon Black Connect Partner Program supports vendor interoperability to help customers build next-generation security infrastructures. Leveraging our Open APIs, Bit9 + Carbon Black has partnered with industry leaders to create integrated solutions that provide end-to-end protection against advanced threats.

As a member of the Bit9 + Carbon Black Connect program, partners can submit their products to Bit9 for certification and promote interoperability across security solutions.

If you are interested in becoming a Bit9 + Carbon Black Connect partner, please contact us at

Bit9 + Carbon Black has partnered with vendors in the network security ecosystem to enable customers to correlate network alerts with endpoint and server data for improved prevention, better detection and faster incident response.

Network Security Alliance Partners


Blue Coat is a leader in enterprise security, providing on-premise, hybrid and cloud-based solutions for protecting web connectivity, combating advanced threats and responding to security breaches. Blue Coat is the global market leader in securing connection to the web and counts nearly 80 percent of the Global Fortune 500 as its customers.

For more information, please visit

Check Point Next Generation Firewall

The Check Point Next Generation Firewall extends the power of the firewall beyond stopping unauthorized access by adding IPS and Application Control protections. With detailed visibility into the users, groups, applications, machines and connection types, the Check Point Firewall Software Blade enables network administrators to provide superior protection across the entire security gateway.

Check Point Threat Cloud Emulation Service

Check Point ThreatCloud Emulation Service prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.

Cyphort Advanced Threat Defense Platform

The Cyphort Advanced Threat Defense Platform detects advanced malware, prioritizes remediation and automates containment. Cyphort customers benefit from early and reliable detection and fast remediation of breaches across their infrastructure. Cyphorts’ unique approach combines best-in-class malware detection with the knowledge of threat severity, value of targeted user and assets, and malware lifecycle to prioritize threats that matter to you while suppressing the noise.

Damballa Failsafe for Enterprise

Damballa Failsafe is an automatic breach defense system that detects APT and advanced malware infections with certainty, terminates their activity and gives responders the ammunition needed to rapidly prevent loss. Failsafe delivers actionable information about known and unknown threats regardless of the infection’s source, entry vector or OS of the device.

Fidelis XPS

Research shows that the most advanced threats attacking the enterprise are so well hidden they go unnoticed for months, even years, without detection. Today’s threat actors conduct detailed reconnaissance and develop custom malware in an effort to penetrate networks and ultimately steal valuable data including intellectual property, business plans and personal information. Our experience protecting the world’s most sensitive networks for more than a decade validates that robust network monitoring, not just attempting to find inbound malware, is key to detecting threats before anything is stolen.

Fidelis XPS™ is the only Comprehensive Advanced Threat Defense solution that stops advanced threats with industry-leading network traffic and payload analysis across all phases of the threat lifecycle.


Infoblox delivers network control solutions, the fundamental technology that connects end users, devices, and networks. These solutions enable more than 8,100 enterprises and service providers to transform, secure, and scale complex networks. Infoblox helps take the burden of complex network control out of human hands, reduce costs, and increase security, accuracy, and uptime. Infoblox is headquartered in Santa Clara, California, and has operations in over 25 countries.

For more information, visit

Lastline Breach Detection Platform

The Lastline Breach Detection Platform provides comprehensive detection of advanced and evasive threats across your entire enterprise — Operating systems (Windows, Mac OS X, and Android), physical and virtual hosts, services, users, network infrastructure and Web, email, file, and mobile applications. The culmination of more than ten years of R&D specifically focused on advanced and evasive breach weaponry and tactics, Lastline’s flexible software-based platform allows organizations to scale their breach defenses on a predictable basis, from a single location to any number of remote, branch, and mobile offices.

Palo Alto Networks Next Generation Firewall

The Palo Alto Networks Next Generation Firewall acts as the basis of an enterprise security platform that is designed from the ground up to address the most sophisticated threats. The Palo Alto Next Generation Firewall offers traffic classification that natively inspects all applications, threats and content, then ties that traffic to the user, regardless of location or device type. The application, content, and user—the elements that run your business—then become integral components of your enterprise security policy. The result is the ability to align security with key business initiatives.

Palo Alto Networks WildFire

WildFire identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) by directly executing them in a scalable cloud-based, virtual sandbox environment. WildFire automatically creates and disseminates protections in near real-time to help security teams meet the challenge of advanced cyber attacks.

Bit9 + Carbon Black has partnered with leading data analytics and security information and event management (SIEM) providers to enable customers to leverage a centralized data repository to view all their security information. Bit9 + Carbon Black delivers standards-based and proprietary integrations so security analysts can view endpoint and server events alongside other security information, in real time.

Analytics & SIEM Alliance Partners


HP logo

HP ArcSight

The HP ArcSight Security Intelligence platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure-including external threats such as malware and hackers, internal threats such as data breaches and fraud, risks from application flaws and configuration changes, and compliance pressures from failed audits. This solution enables you to collect, analyze, and assess IT security, enterprise security and non-security events for rapid identification, prioritization and response.

IBM Security QRadar

IBM Security QRadar® SIEM consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. It performs immediate normalization and correlation activities on raw data to distinguish real threats from false positives. IBM Security QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents.


LogRhythm is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a unified Security Intelligence Platform. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. LogRhythm delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.


RSA NextGen offers an enterprise software framework that captures all network traffic and reconstructs the network sessions to the application layer for automated alerting and monitoring, and interactive analysis and review. By having all this information immediately accessible, customers have the agility to respond to emerging threats and forensics investigations, identify broken business processes, mitigate intentional data exfiltration and confront tomorrow’s challenges.

Splunk Enterprise

Splunk Enterprise is the industry-leading platform for machine data. Splunk Enterprise provides an easy, fast and secure way to analyze the massive streams of machine data generated by your IT systems and technology infrastructure—whether it’s physical, virtual or in the cloud. Use Splunk Enterprise to troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain operational intelligence with real-time visibility and critical insights into customer experience, transactions and other key business metrics. Splunk Enterprise makes your machine data accessible, usable and valuable across the organization.

Believing that no one company has a lock on the world’s threat intelligence, Bit9 + Carbon Black has partnered with leading vendors in the threat intelligence space to bolster the ability of Bit9 + Carbon Black customers to more easily apply threat intelligence to their endpoint and server data.

Threat Intelligence Alliance Partners



AlienVault’s mission is to enable organizations with limited resources to accelerate and simplify their ability to detect and respond to the growing landscape of cyber threats. Powered by threat intelligence from AlienVault Labs and the AlienVault Open Threat Exchange—the world’s largest crowd-sourced threat intelligence network — AlienVault USM delivers a unified, simple and affordable solution for threat detection, incident response and compliance management.

For more information, visit:

BrightPoint Security

BrightPoint Security provides a Threat Intelligence Platform that automates the process of collecting, analyzing, correlating and securely sharing structured and unstructured machine-readable information on current an d emerging cyber threats. The BrightPoint Sentinel Platform dramatically increases operational efficiency by reducing the time it takes enterprises to identify and remediate security threats. BrightPoint enables secure and anonymous sharing and ensures control and protection of threat data. BrightPoint reduces discovery time, remediation time, and overall risk to cyber-threats.

For more information, visit:

Facebook ThreatExchange

Facebook ThreatExchange

Learn about threats. Share threat information back. Everyone gets more secure. Facebook’s ThreatExchange platform enables participating organizations to share threat data using a convenient, structured, and easy-to-use API that provides privacy controls to enable sharing with only desired groups.

For more information and apply to join, visit:

iSIGHT Partners

Since 2007, iSIGHT Partners has been recognized as the leader in cyber threat intelligence. Through its established intelligence team made up of over 190 different experts in 16 different countries, the iSIGHT Partners team focuses exclusively on analyzing and understanding the global threat ecosystem, to include threat sources and the methodologies they employ, and partners with its customers’ security and intelligence operations to empower an intelligence-led security strategy that connects intelligence directly to their business.

See more at:


Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

Learn more at:

ThreatConnect, Inc.

ThreatConnect, Inc. is the leading provider of advanced threat intelligence products and services including ThreatConnect®, the most comprehensive Threat Intelligence Platform (TIP) on the market. ThreatConnect delivers a single platform in the cloud and on-premises to effectively aggregate, analyze, and act to counter sophisticated cyber-attacks. Leveraging advanced analytics capabilities ThreatConnect offers a superior understanding of relevant cyber threats to business operations.

To register for a free ThreatConnect account, or to learn more about our products and services, visit:


ThreatQuotient provides ThreatQ, a Threat Intelligence Platform (TIP) that automates, manages, and operationalizes critical threat intelligence, enabling security teams to collaborate and make more informed decisions regarding their security posture. ThreatQ is a cornerstone platform for threat intelligence providing security teams with much-needed contextual information regarding indicators of compromise (IOC), attack tracking and adversary activity. ThreatQ enables cyber security teams to be smarter, quicker and respond faster to adversary activity in minutes, not hours or weeks.

For more information, visit:


ThreatStream® provides the leading enterprise class Threat Intelligence Platform, combining comprehensive threat data collection, prioritization, and analytics with secure collaboration in a vetted community. Offering the broadest enterprise security infrastructure integration available, ThreatStream enables organizations to proactively identify and combat cyber threats targeting their operations. Headquartered in Redwood City, California, the company is privately held and has received venture capital backing from General Catalyst Partners, Google Ventures, Institutional Venture Partners, Paladin Capital Group and individual investors.

For more information, visit:

Bit9 + Carbon Black has partnered with leading security, hardware and technology partners across the globe to help advance and improve the security posture of our joint-customers.

Microsoft logo


Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices and solutions that help people and businesses realize their full potential.

Red Hat Logo

Red Hat

Red Hat is the world’s leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As a connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT.

For more information, visit

Toshiba Connect Logo

Toshiba Commerce

Toshiba Global Commerce Solutions is retail’s first choice for integrated in-store solutions. The leading supplier of point-of-sale systems with a worldwide install base larger than any three major competitors combined, Toshiba is committed to delivering innovative commerce solutions that transform checkout, provide seamless consumer interactions and optimize retail operations. Toshiba, along with our global team of dedicated business partners, provides end-to-end solutions, service and support that help clients meet virtually any retail technology need.

For more information, visit

Wombat Security Technologies logo

Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Wombat’s training solutions help Fortune 1000 and Global 2000 reduce successful phishing attacks and malware infections.

Bit9 + Carbon Black