Learn how Datashield provides managed Endpoint Detection & Response (EDR) utilizing Carbon Black's Predictive Security Cloud and leveraging the primary EDR tool CB Defense.
VMware Carbon Black Endpoint Detection and Response Platform:
Carbon Black is a suite of cloud-based security solutions that provides a variety of endpoint focused tools. Carbon Black labels this single agent, console and platform as the CB Predictive Security Cloud.
At the core of Carbon Black’s endpoint security software is CB Defense. CB Defense serves as a next-gen antivirus (NGAV) as well as an endpoint detection and response (EDR) solution. CB Defense is a powerful tool that is easy to setup at a relatively affordable price point.
Core features of CB Defense include the following:
- Secure shell endpoint access
- Streaming prevention to detect attacks in progress
- Online and offline attack prevention
- Customizable user dashboards
- Live attack chain visualization
- Open APIs
While CB Defense is the core solution and the recommended tool for most businesses, Carbon Black also provides the following add-ons:
- CB Threat Hunter: Threat hunting and incident response tool
- CB LiveOps: Network management and administrative tool
- CB ThreatSight: Alert monitoring and triage
- CB Defense for Vmware: Vmware-specific EDR tool
- CB Response: SOC-focused threat hunting and IR tool
- CB Protection: Application control
Carbon Black is a premier endpoint security tool that provides ransomware and malware protection while facilitating threat hunting and incident response. It has the same power as the premium tools without the premium price tag.
Endpoint Detection and Response Service
Datashield has partnered with Carbon Black as a fully-fledged MSSP Partner which provides benefits to our customers.
Here are a few of the benefits to a managed Carbon Black deployment with
- Increased visibility / efficient access
- Insight into health of the environment
- Tracking how Carbon Black responds to incidents
- Enhancing customer awareness of endpoint activity
- Additional analysis and context beyond what Carbon Black provides
- Tuning and whitelisting of the environment
- 24/7 eyes on alerts
- Integration with SHIELDVision Orchestration Platform
- Alert / Noise taming to focus remediation steps to valid incidents
- Leveraging our relationship with Carbon as VAR for preferred pricing
Datashield also employs a consultative approach to deployment. We help consult before this process begins by coordinating with the customer and Carbon Black to ensure that machines during a proof of concept (POC) are representative of the development environment. This helps identify potential deployment hazards and complications ahead of time, leading to a smoother and hassle-free implementation. Post-deployment, we can also help coordinate ongoing updates to Carbon Black and your administrative team.
About VMware Carbon Black
VMware Carbon Black is a leader in cloud-native endpoint protection dedicated to keeping the world safe from cyberattacks. The VMware Carbon Black Cloud consolidates endpoint protection and IT operations into an endpoint protection platform (EPP) that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, VMware Carbon Black has key insights into attackers’ behaviors, enabling customers to detect, respond to and stop emerging attacks.
For more information click the button below for our Carbon Black Platform review.