Call for Incident Response


From the DATASHIELD Resource Library:

Carbon Black: Managed Endpoint Detection & Response (EDR)

Learn how DATASHIELD provides managed Endpoint Detection & Response (EDR) utilizing Carbon Black's Predictive Security Cloud and leveraging the primary EDR tool CB Defense.

Posted On:




Read Time:

2 Minutes



Carbon Black: Managed Endpoint Detection & Response (EDR)

The EDR Solution:

Carbon Black is a suite of cloud-based security solutions that provides a variety of endpoint focused tools.  Carbon Black labels this single agent, console and platform as the CB Predictive Security Cloud.

At the core of Carbon Black’s endpoint security software is CB Defense.  CB Defense serves as a next-gen antivirus (NGAV) as well as an endpoint detection and response (EDR) solution.  CB Defense is a powerful tool that is easy to setup at a relatively affordable price point.

Core features of CB Defense include the following:

  • Secure shell endpoint access
  • Streaming prevention to detect attacks in progress
  • Online and offline attack prevention
  • Customizable user dashboards
  • Live attack chain visualization
  • Open APIs

While CB Defense is the core solution and the recommended tool for most businesses, Carbon Black also provides the following add-ons.

  • CB Threat Hunter - Threat hunting and incident response tool
  • CB LiveOps - Network management and administrative tool
  • CB ThreatSight - Alert monitoring and triage
  • CB Defense for Vmware - Vmware-specific EDR tool
  • CB Response - SOC-focused threat hunting and IR tool
  • CB Protection - Application control

Carbon Black is a premier endpoint security tool that provides ransomware and malware protection while facilitating threat hunting and incident response.  It has the same power as the premium tools without the premium price tag.

The EDR Service:


DATASHIELD has partnered with Carbon Black as a fully-fledged MSSP Partner which provides many benefits to our customers.

Here are a few of the benefits to a managed Carbon Black deployment with DATASHIELD.

  • Increased visibility / efficient access
  • Insight into health of the environment
  • Tracking how Carbon Black responds to incidents
  • Enhancing customer awareness of endpoint activity
  • Additional analysis and context beyond what Carbon Black provides
  • Tuning and whitelisting of the environment
  • 24/7 eyes on alerts
  • Integration with SHIELDVision Orchestration Platform
  • Alert / noise taming to focus remediation steps to valid incidents
  • Leveraging our relationship with Carbon as VAR for preferred pricing

DATASHIELD also employs a consultative approach to deployment.  We help consult before this process begins by coordinating with the customer and Carbon Black to ensure that machines during a proof of concept (POC) are representative of the development environment.  This helps identify potential deployment hazards and complications ahead of time, leading to a smoother and hassle-free implementation.  Post-deployment, we can also help coordinate ongoing updates to Carbon Black and your administrative team.

Learn more about Carbon Black.

Contact Us about deploying Carbon Black EDR with DATASHIELD.

About the Author:


SHIELDY is the heart and soul of DATASHIELD. There is no packet he cannot analyze or malicious code he cannot detect.

Read More From