<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

Carbon Black: Managed Endpoint Detection & Response (EDR)

Learn how Datashield provides managed Endpoint Detection & Response (EDR) utilizing Carbon Black's Predictive Security Cloud and leveraging the primary EDR tool CB Defense.

VMware Carbon Black Endpoint Detection and Response Platform:

Carbon Black is a suite of cloud-based security solutions that provides a variety of endpoint focused tools. Carbon Black labels this single agent, console and platform as the CB Predictive Security Cloud.

At the core of Carbon Black’s endpoint security software is CB Defense. CB Defense serves as a next-gen antivirus (NGAV) as well as an endpoint detection and response (EDR) solution. CB Defense is a powerful tool that is easy to setup at a relatively affordable price point.

Core features of CB Defense include the following:

  • Secure shell endpoint access
  • Streaming prevention to detect attacks in progress
  • Online and offline attack prevention
  • Customizable user dashboards
  • Live attack chain visualization
  • Open APIs

While CB Defense is the core solution and the recommended tool for most businesses, Carbon Black also provides the following add-ons:

  • CB Threat Hunter: Threat hunting and incident response tool
  • CB LiveOps: Network management and administrative tool
  • CB ThreatSight: Alert monitoring and triage
  • CB Defense for Vmware: Vmware-specific EDR tool
  • CB Response: SOC-focused threat hunting and IR tool
  • CB Protection: Application control

5d9262908ea9394424a382c2_cb-predictive-cloud

Carbon Black is a premier endpoint security tool that provides ransomware and malware protection while facilitating threat hunting and incident response. It has the same power as the premium tools without the premium price tag.

Endpoint Detection and Response Service

Datashield has partnered with Carbon Black as a fully-fledged MSSP Partner which provides benefits to our customers.

Here are a few of the benefits to a managed Carbon Black deployment with
Datashield:

  • Increased visibility / efficient access
  • Insight into health of the environment
  • Tracking how Carbon Black responds to incidents
  • Enhancing customer awareness of endpoint activity
  • Additional analysis and context beyond what Carbon Black provides
  • Tuning and whitelisting of the environment
  • 24/7 eyes on alerts
  • Integration with SHIELDVision Orchestration Platform
  • Alert / Noise taming to focus remediation steps to valid incidents
  • Leveraging our relationship with Carbon as VAR for preferred pricing

Datashield also employs a consultative approach to deployment. We help consult before this process begins by coordinating with the customer and Carbon Black to ensure that machines during a proof of concept (POC) are representative of the development environment. This helps identify potential deployment hazards and complications ahead of time, leading to a smoother and hassle-free implementation. Post-deployment, we can also help coordinate ongoing updates to Carbon Black and your administrative team.

 

About VMware Carbon Black

VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, VMware Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.

For more information click the button below for our Carbon Black Platform review.

Carbon Black Review

Topics from this Article

Carbon Black, Endpoint Detection and Response, CB Defense, Reviews

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

Pros and Cons of Outsourced SOC

Google Chronicle vs Splunk

Alphabet’s announcement concerning the inclusion of big-data security into Chronicle led to a 5% drop in the value of Spunk’s shares and sparked a debate on which security information and event management (SIEM) tool supplies better options.

How to Deploy ExtraHop Reveal(x) on Amazon Web Services (AWS)

As business operations expand and move to the cloud, so does security. ExtraHop’s Reveal(x) platform can be deployed on a variety of cloud infrastructures. It makes sense for ExtraHop, leader in Network Detection and Response, to partner with tech giant Amazon Web Services (AWS).