The following is a downloadable Datasheet that encapsulates Datashield's partnership with VMware Carbon Black as a premier endpoint protection platform. It dives into the key advantages organizations receive when deploying Carbon Black and employing Datashield as a managed EDR provider.
Click to download or click here.
Datashield is offering a premier service with the VMware Carbon Black partnership
for the following security services:
- Datashield Managed Detection & Response (MDR)
- The Datashield Advantage with VMware Carbon Black
Datashield Specific Carbon Black Managed EDR
SOC operations are expensive from both a cost on management perspective. A typical in-house, 24x7 SOC is comprised of analysts, engineers, and threat intel specialists who provide up-to-date information on all the current threats and technologies which, for most companies, is simply not in the budget. Datashield provides all sized organizations with the coverage needed to stay protected in the vast threat landscape.
Triage and Investigate Events
With Datashield as an extension of your security team, we help ease the time constraint on your staff by triaging and investigating security events. Our analysts have extensive experience supporting Carbon Black deployments of all sizes and tuning the tool to each and every specific environment. While there is no “silver-bullet” to security, with Carbon Black, the Datashield escalation process is made easier which allows us to work with you and your team through any incident.
A big advantage of having Datashield on your side is that we will provide detailed forensic analysis of security events which takes the guesswork out of what happened, what is the potential repercussions, and what actions need to be taken. Datashield and Carbon Black both take advantage of the MITRE ATT&CK framework for analysis and investigations. This helps to streamline our investigations and standardize our investigative details back to you the customer.
Proper Onboarding and Deployment
For many organizations deploying robust endpoint protections can take invaluable time to properly be deployed. With Datashield security professionals, our customers are eased thorough an onboarding process to ensure proper efficient setup and tuning. The beginning to any healthy relationship is starting off on the right foot and onboarding this is the first opportunity to bridge the gap understanding your business environment and improving your security posture.
Policy and Rule Tuning
As organizations grow and change so should all security tools and tuning policy rules to work effectively in an environment. Carbon Black allows for a high level of customization of its policies and rules which allows the Datashield team to create specific rules for your environment making you more secure. Both foundational and customized rules allow for a better security presence and minimize alert fatigue.
Regular maintenance after the initial onboarding and policy tuning continue well into the relationship as false positive situations will occur. As we work in your environment, we will make ongoing recommendations for whitelisting which allows you to focus on the real-time threats.
Integration into SIEM
Carbon Black has full SIEM (Security Information and Event Management) integration which allows analysts to expand their investigation capabilities when monitoring your environment. With the ability to see an event from multiple angles (i.e. EDR, logs, network traffic), Datashield analysts can come to a clearer understanding of what happened during a security event and present a more complete root cause analysis.
Carbon Black Features
Single Agent and Console
The CB Predictive Security Cloud platform uses a single endpoint agent, console, and dataset to simplify security operations and management.
Advanced Endpoint Security
CB Predictive Security Cloud leverages behavior analytics, stream-based monitoring, and unfiltered endpoint data to stop highly advanced threats, including fileless attacks.
Security teams gain access to expert community resources while CB ThreatSight users can leverage the insights and expertise from Carbon Black’s security analysts directly.
CB Predictive Security Cloud allows companies to expand security capabilities without needing to purchase onsite infrastructure or add additional software agents.