Engineering Spotlight: Carbon Black
The Boston tech scene is home to a large cybersecurity sector and Carbon Black is one of the prominent companies in this space. Carbon Black provides enterprise-wide endpoint security software for a wide variety of organizations.
The company was recently named one of the Top Places to Work in Boston by the Boston Globe for the fourth year in the row.
How does Carbon Black build and create their platform? What is the day-to-day life like at one of Boston’s well-known cybersecurity companies?
We connected with the company’s Chief Architect Scott Lundgren to learn a little bit more about Carbon Black’s engineering team. Lundgren shared lots of info with us, including how the platform works and what kinds of events the company participates in.
Also Carbon Black is hiring! Check out its BIZZpage for all the company’s openings.
Quick Hit Details
Year Founded: 2002
Number of employees: 1000
Number of employees in engineering/product: 280
Can you share the details on what Carbon Black does?
Carbon Black is a cybersecurity company and has designed the complete next-generation endpoint security platform, enabling organizations to stop the most attacks, see every threat, close security gaps, and evolve their defenses. The Cb Endpoint Security Platform helps organizations of all sizes replace legacy antivirus technology, lock down systems, and arm incident response teams with advanced tools to proactively hunt down threats.
Carbon Black has a full portfolio of products. Could you describe the differences between these products from a high level (Cb Defense, Cb Response, and Cb Protection)?
Cb Protection provides the most proven application control solution for enterprise endpoints and critical systems. With Cb Protection, IT, compliance, infrastructure, and security teams establish automated software execution controls and protection policies that safeguard corporate and customer data.
Cb Response redefines Incident Response (IR) with instant root cause analysis and the fastest end-to-end response time. It continuously records 100% of all activity and visualizes the complete attack kill chain empowering real-time response and remediation and proactive threat hunting.
Cb Defense is next-generation antivirus + EDR solution in one cloud-delivered platform that stops commodity malware, advanced malware, non-malware attacks, and ransomware.
What are some of the different technologies that the engineering team gets to work with and at what scale?
We’re using a lot of different technologies but AWS is probably the biggest with how we’re scaling. Our engineers are focused on finding ways to ingest security data at a petabyte scale and identify performance analytics to drive intelligence and value for our customers. There are a lot of challenges at the petabyte scale and those challenges include efficiency, performance, and costs. It requires really ingenious technical solutions, such as AWS.
What are some of the interesting projects that the engineering team is tackling?
The security space is really interesting in so many ways. Here is one project that illustrates this: With security being so visible now with high-profile breaches and even talk of election tampering, customers are really interested in getting the best possible security capabilities for their organizations. But security is also a really nuanced subject, with lots of details and this can be a high barrier to entry to some customers. This makes for a really fun project as we try to combine technology and user experience (UX) to make security both effective and accessible for customers.
Is there any particular use case from a client that has stood out to you and the engineering team?
The threat landscape changes quickly and adversaries change tactics and approaches often. This requires constant reassessment to how we detect threats and how we help customers. One interesting use case is being able to identify an entirely novel threat vector, detect it, and prevent it without the customer ever being affected. And, of course, being able to tell them the details after it’s taken care of.
Can you describe the type of background or experience that you generally look for when hiring for the engineering team?
We’re in a really interesting space that requires a lot of different disciplines and skill sets. If we broke it down into four key segments, it would be:
Cloud and big data - we need people to be able to scale, have experience with cloud technologies, and can build for data and analytics at a high scale
Security - we need people who can understand our adversaries and threats, be able to reverse engineer, and is experienced with network security and threat hunting
Endpoint - as an endpoint security company, we need people who can work with operating systems, such as kernel-level development with Windows, Mac, and/or Linux
Data and analytics - we work very heavily with this to support our customers and stay ahead of threats
Also, modern UI web-app experience is helpful.
From a soft-skills perspective, we don’t want people who are arrogant. People who do well here are willing to learn, willing to teach, are curious, and are passionate about making a difference.
Teamwork is a big one, too. We’re growing into a larger company but our agile teams are broken down to be much smaller. This is powerful for collaboration and forging tight bonds. Our team members have access to skill sets and expertise that they might not be used to, and the culture makes it easy for people to both collaborate within their small teams and teams outside of their own.
How would you best describe the culture and working environment for the engineering team at Carbon Black?
To add to what was mentioned in the question above, we also have a very relaxed and informal environment. Our culture is very flexible, which is due in part to our flexible time off and the fact that we want our employees to feel like they have ownership over what they do. It’s not about a 9-5 schedule but more about getting your work done and being proud of what you’ve accomplished.
Also, with how our teams are set up, there’s a lot of comradery among them. It makes a good work environment even while we’re tackling some tough challenges.
What can someone expect during the interview process?
We have the usual set up for interviews in regard to phone screens and one-on-one in-person conversations. The most interesting thing I personally like is the “Tech Talk”. This is where we want you to present something you’ve done and that you’re passionate about. What we’re trying to get out of this is a good conversation and understanding of how you bring energy and passion to take on a challenge. It’s not about checking a bunch of boxes. This is a chance to show yourself in the best light because you’re picking a subject that matters to you.
We’re not trying to make you conform to our definition of what we think is important. We want you to express yourself, show us what you think is a good challenge that highlights your skill set best, and do something cool.
What does your team do for fun outside of work? Are they involved in any local tech organizations or Meetups?
We have a wide variety of technical areas and we have a lot of people dispersed throughout the world. What our team in Portland does differ from what our team in San Antonio does and so on. From a general standpoint, I do know our people go to Meetups (usually DevOps-focused), participate in different conferences and events (i.e. Lesbians Who Tech, She Geeks Out, Black Hat, re:Invent), and so on.
As far as fun goes, we have people that do everything. We have avid gamers, sports enthusiasts, musicians, foodies, and so on. I can say that one common theme we see across the board is that we have a lot of beer lovers.
Rapid Fire Q&A
What’s on tap?
We have a rotating list of beers at any given time. However, a crowd favorite for the engineering team is Wassail.
Star Wars or Star Trek?
iPhone or Android?
Coffee - hot or iced?
Favorite employee perk?
Flexible time off.
What music is playing in your office?
Hard to say, we have a lot of people who wear headphones.
View from your office:
Principal Threat Researcher
“People on the Carbon Black Threat Research Team can play multiple roles in the improvement of our products or further the industry as a whole in many ways. The dynamic, fast-paced environment at Carbon Black provides opportunities to work on completely different things day-to-day or dive deep into tiny details that need to be fully understood in order to implement better detection, prevention, and response. Being in a growing company in a fast-moving, high-impact, highly competitive space (like endpoint security) is really the only way to get a chance to do that in your career.”
“It’s an exciting time in the company. We have tremendous growth opportunities and plenty of room to learn and innovate. Our teams are very dynamic and fast-paced and our environment is very open. If you thrive in change and enjoy nothing but a challenge, then this is where you want to be. Also, our agile transformation is backed by C-level leadership. It is now part of our culture, we want to continue to be nimble and agile. We believe in this change and our leadership is extremely invested in it.”
Senior Manager, Site Reliability Engineering
“What you get at Carbon Black is the maturity of a company that has nearly 1,000 people but still embraces the startup mentality. I see this a lot in the DevOps culture. You have teams working together and using tools that you see in many startups, like open-source tools developed by places such as Netflix, Google, Etsy, and Cloudflare. We are very much involved in the community and with the companies who are considered pioneers in this space. We’re all about using the latest and greatest concepts, tools, and frameworks. We have to stay at the forefront if we want to compete with these other organizations in the same space.”
Images courtesy of Carbon Black.