Now that most of the hubbub around Carbon Black has calmed down, I feel like I can finally make a post. The long and short of the whole thing is that it is absolutely ridiculous. I want to pretend like I’m shocked that there’s FUD within my industry, but I’m not. This is just an instance of another security company trying to make headlines by irresponsibly posting and blowing things out of proportion.
Anyway, here's the long and short of it for anyone who wants my opinion:
- The option is disabled by default
- You really have to want to enable it to enable it.
- Even then it’s only binaries
- Again, this is a feature that was requested by clients and up to them to control
Oh, and then there was this quote from Carbon Black:
“We appreciate the work of the security research community. However, it is important to note that Carbon Black was not informed about this issue by DirectDefense prior to publication of the blog to validate their findings.”
Hrm, wonder why that would be. Oh is it because DirectDefense is a competitor to Carbon Black and they thought they could make some headlines for their shitass company this way?
Again, I’d like to pretend I’m shocked by all of this but I’m not. It appears to be more drama created just so that DirectDefense can get a few more page views this month. It’s ridiculous and it hurts the industry as a whole. I think the fact that they’re resorting to ambush tactics instead of publishing real research says more about them than their actual post.