Bit9 Connect Alliance Partners

The Bit9 Connect Partner Program supports vendor interoperability to help customers build next-generation security infrastructures. Bit9 has partnered with industry leaders to create integrated solutions that provide end-to-end protection against advanced threats.

As a member of the Bit9 Connect program, partners can submit their products to Bit9 for certification and promote interoperability across security solutions.

To learn more about the Bit9 Connect program please read our data sheet. If you are interested in becoming a Bit9 Connect partners, please contact us at

Bit9 has partnered with vendors in the network security ecosystem to enable customers to correlate network alerts with endpoint and server data. As network security solutions detect malware on the network, Bit9 consumes those alerts and automatically determines where the malware landed, if it executed, and how many machines were affected. This real-time visibility enables security analysts to filter out non-actionable events, prioritize high-impact alerts, and rapidly respond to potential intrusions.

Bit9 is also able to submit new files that arrive on endpoints – while off the network or via third party storage devices – to network threat analysis solutions. Based on the risk results, Bit9 can automatically ban malicious files from executing while permitting safe files to run.

Network Security Alliance Partners

Check Point Next Generation Firewall

The Check Point Next Generation Firewall extends the power of the firewall beyond stopping unauthorized access by adding IPS and Application Control protections. With detailed visibility into the users, groups, applications, machines and connection types, the Check Point Firewall Software Blade enables network administrators to provide superior protection across the entire security gateway.

Check Point Threat Cloud Emulation Service

Check Point ThreatCloud Emulation Service prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.

Cyphort Advanced Threat Defense Platform

The Cyphort Advanced Threat Defense Platform detects advanced malware, prioritizes remediation and automates containment. Cyphort customers benefit from early and reliable detection and fast remediation of breaches across their infrastructure. Cyphorts’ unique approach combines best-in-class malware detection with the knowledge of threat severity, value of targeted user and assets, and malware lifecycle to prioritize threats that matter to you while suppressing the noise.

Damballa Failsafe for Enterprise

Damballa Failsafe is an automatic breach defense system that detects APT and advanced malware infections with certainty, terminates their activity and gives responders the ammunition needed to rapidly prevent loss. Failsafe delivers actionable information about known and unknown threats regardless of the infection’s source, entry vector or OS of the device.

Fidelis XPS

Research shows that the most advanced threats attacking the enterprise are so well hidden they go unnoticed for months, even years, without detection. Today’s threat actors conduct detailed reconnaissance and develop custom malware in an effort to penetrate networks and ultimately steal valuable data including intellectual property, business plans and personal information. Our experience protecting the world’s most sensitive networks for more than a decade validates that robust network monitoring, not just attempting to find inbound malware, is key to detecting threats before anything is stolen.

Fidelis XPS™ is the only Comprehensive Advanced Threat Defense solution that stops advanced threats with industry-leading network traffic and payload analysis across all phases of the threat lifecycle.

Lastline Breach Detection Platform

The Lastline Breach Detection Platform provides comprehensive detection of advanced and evasive threats across your entire enterprise — Operating systems (Windows, Mac OS X, and Android), physical and virtual hosts, services, users, network infrastructure and Web, email, file, and mobile applications. The culmination of more than ten years of R&D specifically focused on advanced and evasive breach weaponry and tactics, Lastline’s flexible software-based platform allows organizations to scale their breach defenses on a predictable basis, from a single location to any number of remote, branch, and mobile offices.

Palo Alto Networks Next Generation Firewall

The Palo Alto Networks Next Generation Firewall acts as the basis of an enterprise security platform that is designed from the ground up to address the most sophisticated threats. The Palo Alto Next Generation Firewall offers traffic classification that natively inspects all applications, threats and content, then ties that traffic to the user, regardless of location or device type. The application, content, and user—the elements that run your business—then become integral components of your enterprise security policy. The result is the ability to align security with key business initiatives.

Palo Alto Networks WildFire

WildFire identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) by directly executing them in a scalable cloud-based, virtual sandbox environment. WildFire automatically creates and disseminates protections in near real-time to help security teams meet the challenge of advanced cyber attacks.

Bit9 + Carbon Black has partnered with leading data analytics and security information and event management (SIEM) providers to enable customers to leverage a centralized data repository to view all their security information. Bit9 + Carbon Black delivers standards-based and proprietary integrations so security analysts can view endpoint and server events alongside other security information, in real time.

Analytics & SIEM Alliance Partners


HP logo

HP ArcSight

The HP ArcSight Security Intelligence platform helps safeguard your business by giving you complete visibility into activity across the IT infrastructure-including external threats such as malware and hackers, internal threats such as data breaches and fraud, risks from application flaws and configuration changes, and compliance pressures from failed audits. This solution enables you to collect, analyze, and assess IT security, enterprise security and non-security events for rapid identification, prioritization and response.

IBM Security QRadar

IBM Security QRadar® SIEM consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network. It performs immediate normalization and correlation activities on raw data to distinguish real threats from false positives. IBM Security QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents.


LogRhythm is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a unified Security Intelligence Platform. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. LogRhythm delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.


RSA NextGen offers an enterprise software framework that captures all network traffic and reconstructs the network sessions to the application layer for automated alerting and monitoring, and interactive analysis and review. By having all this information immediately accessible, customers have the agility to respond to emerging threats and forensics investigations, identify broken business processes, mitigate intentional data exfiltration and confront tomorrow’s challenges.

Splunk Enterprise

Splunk Enterprise is the industry-leading platform for machine data. Splunk Enterprise provides an easy, fast and secure way to analyze the massive streams of machine data generated by your IT systems and technology infrastructure—whether it’s physical, virtual or in the cloud. Use Splunk Enterprise to troubleshoot problems and investigate security incidents in minutes, not hours or days. Monitor your end-to-end infrastructure to avoid service degradation or outages. Gain operational intelligence with real-time visibility and critical insights into customer experience, transactions and other key business metrics. Splunk Enterprise makes your machine data accessible, usable and valuable across the organization.

Bit9 has partnered with vendors in the threat intelligence space to bolster the power of the Bit9 + Carbon Black Threat Intelligence Cloud. The Bit9 + Carbon Black Threat Intelligence Cloud is a cloud-based intelligence database that provides insight into known-good, known-bad and unproven software, giving IT and security teams actionable intelligence about the software installed within their enterprise. The Bit9 + Carbon Black Threat Intelligence Cloud aggregates software and threat-intelligence information from Bit9′s threat research team, the Internet, and our threat intelligence partners to provide customers with the most accurate and up-to-date software reputation data.

Threat Intelligence Alliance Partners


iSIGHT Partners

Since 2007, iSIGHT Partners has been recognized as the leader in cyber threat intelligence. Through its established intelligence team made up of over 190 different experts in 16 different countries, the iSIGHT Partners team focuses exclusively on analyzing and understanding the global threat ecosystem, to include threat sources and the methodologies they employ, and partners with its customers’ security and intelligence operations to empower an intelligence-led security strategy that connects intelligence directly to their business. – See more at:


Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Learn more at:

ThreatConnect, Inc.

ThreatConnect, Inc. is the leading provider of advanced threat intelligence products and services including ThreatConnect®, the most comprehensive Threat Intelligence Platform (TIP) on the market. ThreatConnect delivers a single platform in the cloud and on-premises to effectively aggregate, analyze, and act to counter sophisticated cyber-attacks. Leveraging advanced analytics capabilities ThreatConnect offers a superior understanding of relevant cyber threats to business operations. To register for a free ThreatConnect account, or to learn more about our products and services, visit:

Bit9 + Carbon Black has integrated with leading endpoint security and management providers to enable customers to reduce the cost of implementing an endpoint defense-in-depth strategy. This helps organizations increase their security posture while improving the economics of endpoint security.

Microsoft logoMicrosoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services, devices and solutions that help people and businesses realize their full potential.

Data sheet:
Network Security Integration

View Now

Data sheet:
Bit9 Connect Partner Alliance Program

View Now

Analyst Brief:
Bit9 Connect Program Supports Enterprise SOC Objectives

Download Now
Bit9 + Carbon Black