<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

Carbon Black: Managed Endpoint Detection & Response (EDR)

Learn how Datashield provides managed Endpoint Detection & Response (EDR) utilizing Carbon Black's Predictive Security Cloud and leveraging the primary EDR tool CB Defense.

VMware Carbon Black Endpoint Detection and Response Platform:

Carbon Black is a suite of cloud-based security solutions that provides a variety of endpoint focused tools. Carbon Black labels this single agent, console and platform as the CB Predictive Security Cloud.

At the core of Carbon Black’s endpoint security software is CB Defense. CB Defense serves as a next-gen antivirus (NGAV) as well as an endpoint detection and response (EDR) solution. CB Defense is a powerful tool that is easy to setup at a relatively affordable price point.

Core features of CB Defense include the following:

  • Secure shell endpoint access
  • Streaming prevention to detect attacks in progress
  • Online and offline attack prevention
  • Customizable user dashboards
  • Live attack chain visualization
  • Open APIs

While CB Defense is the core solution and the recommended tool for most businesses, Carbon Black also provides the following add-ons:

  • CB Threat Hunter: Threat hunting and incident response tool
  • CB LiveOps: Network management and administrative tool
  • CB ThreatSight: Alert monitoring and triage
  • CB Defense for Vmware: Vmware-specific EDR tool
  • CB Response: SOC-focused threat hunting and IR tool
  • CB Protection: Application control


Carbon Black is a premier endpoint security tool that provides ransomware and malware protection while facilitating threat hunting and incident response. It has the same power as the premium tools without the premium price tag.

Endpoint Detection and Response Service

Datashield has partnered with Carbon Black as a fully-fledged MSSP Partner which provides benefits to our customers.

Here are a few of the benefits to a managed Carbon Black deployment with

  • Increased visibility / efficient access
  • Insight into health of the environment
  • Tracking how Carbon Black responds to incidents
  • Enhancing customer awareness of endpoint activity
  • Additional analysis and context beyond what Carbon Black provides
  • Tuning and whitelisting of the environment
  • 24/7 eyes on alerts
  • Integration with SHIELDVision Orchestration Platform
  • Alert / Noise taming to focus remediation steps to valid incidents
  • Leveraging our relationship with Carbon as VAR for preferred pricing

Datashield also employs a consultative approach to deployment. We help consult before this process begins by coordinating with the customer and Carbon Black to ensure that machines during a proof of concept (POC) are representative of the development environment. This helps identify potential deployment hazards and complications ahead of time, leading to a smoother and hassle-free implementation. Post-deployment, we can also help coordinate ongoing updates to Carbon Black and your administrative team.


About VMware Carbon Black

VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, VMware Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.

For more information click the button below for our Carbon Black Platform review.

Carbon Black Review

Topics from this Article

Carbon Black, Endpoint Detection and Response, CB Defense, Reviews

Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

What is Microsoft Defender for Endpoint and How Does it Work?

Microsoft Defender for Endpoint, formerly known as Microsoft Defender Advanced Threat Protection, provides enterprise-level protection to endpoints to prevent, detect, investigate, and respond to advanced threats.

What is the Zero Trust Framework?

Zero Trust security concept is a model and framework developed by former Forrester analyst John Kindervag in 2010. Since then, the Zero Trust model is widely adopted, with leading researchers at Gartner, Microsoft, and Google all developing and implementing their variations of Zero Trust frameworks while keeping the core concept intact.

Behavioral Indicators of Insider Threat Activity

Contrary to popular beliefs, an insider threat is not always a security risk within an organization's immediate perimeter. Current employees and managers aside, an insider threat could be a former employee who had access to specific information, a third-party consultant, or a business partner.