Carbon Black (CB) Response

Enterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Security and IT professionals lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments. CB Response is an industry-leading incident response and threat hunting solution designed for security operations center (SOC) teams. CB Response continuously records and stores unfiltered endpoint data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior. Capabilities

• Continuous and Centralized Recording
• Live Response for Remote Remediation
• Attack Chain Visualization and Search
• Automation via Integrations and Open APIs

Benefits

• Faster end-to-end response and remediation
• Accelerated IR and threat hunting with unfiltered endpoint visibility
• Rapid identification of attacker activities and root cause
• Secure remote access to infected endpoints for in-depth investigation
• Better protection from future attacks through automated hunting
• Unlimited retention and scale for the largest installations
• Reduced IT headaches from reimaging and helpdesk tickets