Catalog of implementations of various types of software and IT projects. IT implementation results, outcomes, references, ROI For Senior Security Engineer Robert Bogart, gaining insight into Indeed’s environment was a top priority. After deploying VMware Carbon Black, Indeed was able to not only get complete visibility but also proactively stop attacks.<br />\r\n<span style=\"font-weight: bold;\">Gaining visibility </span>\r\nPrior to VMware Carbon Black, Indeed didn’t have clear insight into their corporate infrastructure and the company’s large macOS environment. Without that visibility, they didn’t know exactly what was happening on their endpoints. After evaluating and testing a number of solutions, Bogart chose to deploy both VMware Carbon Black Cloud Endpoint Standard and VMware Black® Hosted EDR.<br />\r\n<span style=\"font-style: italic;\">“I think VMware Carbon Black is a forerunner and they sort of lead the pack,”</span> said Bogart. <span style=\"font-style: italic;\">“We have tested other industry-leading endpoint detection and response (EDR) software vendors and we really like the feature set that VMware Carbon Black gives us.”</span><br />\r\n<span style=\"font-weight: bold;\">Prevention and threat hunting</span><br />\r\nProduct capabilities are truly what drove Indeed to purchase VMware Carbon Black. The ability to gain visibility into when processes are starting or stopping, or when network connections are being made gave Bogart and the team the additional context they needed.<br />\r\n<span style=\"font-style: italic;\">“The main benefit we get out of Carbon Black Cloud Endpoint Standard is the peace of mind of knowing that there’s proactive next-generation antivirus,”</span> said Bogart. <span style=\"font-style: italic;\">“We really like that Carbon Black Cloud Endpoint Standard is our first line of defense. 
For Carbon Black Hosted EDR, we really like the threat hunting capabilities.”</span><br />\r\nSince deployment, Indeed has been able to achieve a new level of security. While Bogart and the team have put great processes in place, they continue to look for ways to enhance their security posture further, especially with the release of the new VMware Carbon Black Cloud Enterprise EDR™ solution.<br />\r\n<span style=\"font-style: italic;\">“I really found the new Carbon Black Cloud Enterprise EDR product that’s coming out very valuable for us,”</span> said Bogart. <span style=\"font-style: italic;\">“We want to go in and find threats before they become larger problems. Carbon Black Cloud Enterprise EDR is definitely a good piece of news to hear.”</span>","alias":"vmware-carbon-black-cloud-endpoint-standard-and-enterprise-edr-for-indeed","roi":0,"seo":{"title":"VMware Carbon Black Cloud Endpoint Standard and Enterprise EDR for Indeed","keywords":"","description":"<span style=\"font-weight: bold;\">Indeed Stays a Step Ahead of Advanced Threats</span>\r\nAs a major employment search engine for job listings worldwide, Indeed puts an added focus on having the strongest possible security posture. For Senior Security Engineer Ro","og:title":"VMware Carbon Black Cloud Endpoint Standard and Enterprise EDR for Indeed","og:description":"<span style=\"font-weight: bold;\">Indeed Stays a Step Ahead of Advanced Threats</span>\r\nAs a major employment search engine for job listings worldwide, Indeed puts an added focus on having the strongest possible security posture. For Senior Security Engineer Ro"},"deal_info":"","user":{"id":8862,"title":"Indeed","logoURL":"https://old.roi4cio.com/uploads/roi/company/indeed-logo.jpg","alias":"indeed","address":"","roles":[],"description":" Indeed is an American worldwide employment-related search engine for job listings launched in November 2004. It is a subsidiary of Japan's Recruit Co. Ltd. 
and is co-headquartered in Austin, Texas and Stamford, Connecticut with additional offices around the world. As a single-topic search engine, it is also an example of vertical search. Indeed is currently available in over 60 countries and 28 languages. In October 2010, Indeed.com passed Monster.com to become the highest-traffic job website in the United States.\r\nThe site aggregates job listings from thousands of websites, including job boards, staffing firms, associations, and company career pages. They generate revenue by selling premium job posting and resume features to employers and companies hiring. In 2011, Indeed began allowing job seekers to apply directly to jobs on Indeed's site and offering resume posting and storage.<br />Source: https://en.wikipedia.org/wiki/Indeed","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://indeed.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Indeed","keywords":"","description":" Indeed is an American worldwide employment-related search engine for job listings launched in November 2004. It is a subsidiary of Japan's Recruit Co. Ltd. and is co-headquartered in Austin, Texas and Stamford, Connecticut with additional offices around the w","og:title":"Indeed","og:description":" Indeed is an American worldwide employment-related search engine for job listings launched in November 2004. It is a subsidiary of Japan's Recruit Co. Ltd. 
and is co-headquartered in Austin, Texas and Stamford, Connecticut with additional offices around the w","og:image":"https://old.roi4cio.com/uploads/roi/company/indeed-logo.jpg"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":168,"title":"VMware","logoURL":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png","alias":"vmware","address":"","roles":[],"description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001. entered the server market with VMware GSX Server and VMware ESX Server products. 
Today, VMware dominates the software virtualization market, controlling most of the global marketplace.<br /><br />The company's main areas of activity are software-defined data centers (SDDC), the creation of hybrid clouds (Hybrid Cloud) and virtualization of workplaces of corporate users.<br />All VMware software products can be divided into several main categories: server virtualization, desktop virtualization, network virtualization, storage network virtualization, cloud environments.<br /><br />VMware software is used by millions of individuals and tens of thousands of enterprise customers around the world, including nearly all Fortune 100 companies. By leveraging VMware software to address business challenges such as increasing resource efficiency and availability, customers have achieved significant value, in particular a lower total cost of ownership, a higher return on investment and better quality of customer service.<br /><br />VMware is headquartered in Palo Alto, California, USA and is majority owned by Dell EMC.</span>","companyTypes":[],"products":{},"vendoredProductsCount":24,"suppliedProductsCount":32,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":14,"vendorPartnersCount":2,"supplierPartnersCount":97,"b4r":0,"categories":{},"companyUrl":"https://www.vmware.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"VMware","keywords":"VMware, business, with, approach, cloud, modern, data, apps","description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001. 
entered the server m","og:title":"VMware","og:description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001. entered the server m","og:image":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png"},"eventUrl":""}],"products":[{"id":5739,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Enterprise EDR","vendorVerified":1,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-enterprise-edr","companyTypes":[],"description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nVMware Carbon Black Enterprise EDR is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. Enterprise EDR is delivered through the VMware Carbon Black Cloud, a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.\r\nUsing data continuously collected and sent to the VMware Carbon Black Cloud, Enterprise EDR provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. 
This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.\r\nAlong with continuous visibility, Enterprise EDR gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.<br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Complete Endpoint Protection Platform</span></span>\r\nBuilt on the VMware Carbon Black Cloud, Enterprise EDR provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Continuous & Centralized Recording</span></span>\r\nCentralized access to continuously collected data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Attack Chain Visualization & Search</span></span>\r\nEnterprise EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. 
Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Live Response for Remote Remediation</span></span><br />With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Automation via Integrations & Open APIs</span></span>\r\nCarbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Enterprise EDR into their existing security stack.<br /><br /><span style=\"font-weight: bold;\">BENEFITS</span>\r\n\r\n<ul><li>Reduced complexity for more efficient endpoint security</li></ul>\r\n<ul><li>Easy deployment, automated updates, and elastic scalability</li></ul>\r\n<ul><li>Accelerated investigations with continuous endpoint visibility</li></ul>\r\n<ul><li>Complete understanding of root cause to close existing gaps</li></ul>\r\n<ul><li>Secure remote access for investigations</li></ul>\r\n<ul><li>Greatly reduced dwell time and average time to resolution</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Lightweight sensor deployed and managed from the cloud</li></ul>\r\n<ul><li>Process and binary search of centralized, unfiltered data</li></ul>\r\n<ul><li>Out-of-the-box and customizable behavioral detection</li></ul>\r\n<ul><li>Proprietary and third-party threat intel feeds</li></ul>\r\n<ul><li>Automated watchlists to re-run queries</li></ul>\r\n<ul><li>Interactive and expandable attack chain visualization</li></ul>\r\n<ul><li>Secure remote shell for rapid remediation</li></ul>\r\n<ul><li>Open APIs</li></ul>\r\n<span style=\"font-weight: 
bold;\"><br />PLATFORMS</span>\r\n<ul><li>Windows</li></ul>\r\n<ul><li>macOS</li></ul>\r\n<ul><li>Red Hat</li></ul>\r\n<ul><li>CentOS</li></ul>","shortDescription":"Cloud-based threat hunting and incident response (IR) solution delivering continuous visibility for top security operations centers (SOC) and IR teams.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Enterprise EDR","keywords":"","description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de","og:title":"VMware Carbon Black Cloud Enterprise EDR","og:description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de"},"eventUrl":"","translationId":5740,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6120,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Endpoint Standard","vendorVerified":1,"rating":"2.80","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-endpoint-standard","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defend your organization from today’s advanced cyber attacks.\r\nThe VMware Carbon Black Cloud Endpoint Standard is a next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution that protects against the full spectrum of modern cyber attacks. 
Using the VMware Carbon Black Cloud’s universal agent and console, the solution applies behavioral analytics to endpoint events to streamline detection, prevention, and response to cyber attacks.\r\n<span style=\"font-weight: bold;\">Multi-level protection</span>\r\nCyber attackers are innovating faster than traditional defenses can withstand. Our next-generation antivirus (NGAV) solution employs multiple protection layers including file reputation and heuristics, machine learning, and behavioral models to analyze endpoint activity and block malicious behavior to stop all types of attacks before they reach critical systems. With flexible behavioral prevention policies, protection is easily tailored to your organization’s distinct needs.\r\n<span style=\"font-weight: bold;\">Enhance endpoint protection and operations</span>\r\nPrevent malicious attacks on your organization’s resources with a single NGAV and endpoint detection and response solution offering comprehensive prevention and endpoint activity analysis capabilities, and free up resources with our easy-to-use cloud platform for fast integration into your existing systems.\r\n\r\n<span style=\"font-weight: bold;\">Features:</span>\r\n<span style=\"font-weight: bold;\">Protection from known and emerging attacks and in-product alerts on the latest attacks from our security experts</span>\r\n<ul> <li>Comprehensive protection of your organization’s data and customer information from malware, non-malware and living off the land (LotL) attacks.</li> <li>Simplified deployment and operation with out-of-the-box policies to adapt protection to your organization.</li> </ul>\r\n<ul> <li>Stay up to date on the latest attacks with in-product updates from our expert Threat Analysis Unit (TAU).</li> </ul>\r\n<span style=\"font-weight: bold;\">Prioritized alerts, attack chain visualizations, and in-product response capabilities</span>\r\n<ul> <li>Save money and time investigating and responding to incidents. 
With visibility into the entire attack chain and endpoint activity analysis, there’s no need to spend time tracking down which of your systems were affected and when.</li> </ul>\r\n<ul> <li>Respond remotely and minimize downtime to endpoints with a tool that allows you to instantly roll back attacks from the console.</li> </ul>\r\n<span style=\"font-weight: bold;\">Flexible security policies</span>\r\n<ul> <li>Tailor policies to your organization’s specific needs for easy integration into your existing systems and security practices, with fewer false positives.</li> </ul>\r\n<span style=\"font-weight: bold;\">Single agent and cloud-native platform</span>\r\n<ul> <li>Simplify your security stack and return critical CPU cycles while improving performance on endpoints with an easy-to-use, single cloud platform and agent.</li> </ul>\r\n<span style=\"font-weight: bold;\">Active, engaged user community of internal security experts and peers</span>\r\n<ul> <li>Get answers fast on how to use the product, and learn about the latest attacks and remediation tips from our expert Threat Analysis team and industry peers, with access to our User Exchange community.</li> </ul>\r\n<br /><span style=\"font-weight: bold;\">Benefits:</span>\r\n<ul> <li>Protection from known and unknown attacks</li> </ul>\r\n<ul> <li>Clear alerts and prioritization of potential attacks</li> </ul>\r\n<ul> <li>Easier investigation into security incidents</li> </ul>\r\n<ul> <li>Faster mean time to resolution (MTTR)</li> </ul>\r\n<ul> <li>Reduced overhead; no infrastructure required</li> </ul>\r\n<br /><span style=\"font-weight: bold;\">Operating Systems:</span>\r\n<ul> <li>Windows: Windows 7/8/10</li> </ul>\r\n<ul> <li>macOS X: 10.6.8+</li> </ul>\r\n<ul> <li>Linux RedHat (RHEL) & CentOS 6/7</li> </ul>\r\n<ul> <li>Windows 2008 R2</li> </ul>\r\n<ul> <li>Windows 2012</li> </ul>\r\n<ul> <li>Windows 2012 R2</li> </ul>\r\n<ul> <li>Windows 2016</li> </ul>\r\n<ul> <li>Windows 2019</li> 
</ul>","shortDescription":"VMware Carbon Black Cloud Endpoint Standard - next-generation antivirus and behavioral EDR delivers prevention for today’s advanced cyberattacks\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Endpoint Standard","keywords":"","description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defen","og:title":"VMware Carbon Black Cloud Endpoint Standard","og:description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defen"},"eventUrl":"","translationId":6121,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). 
The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. 
Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. 
Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":10,"title":"Ensure Compliance"},{"id":254,"title":"Centralize management"},{"id":306,"title":"Manage 
Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":397,"title":"Insufficient risk management"},{"id":393,"title":"Complex and non-transparent business processes"},{"id":387,"title":"Non-compliant with IT security requirements"},{"id":385,"title":"Risk of data loss or damage"},{"id":384,"title":"Risk of attacks by hackers"},{"id":371,"title":"No control over the state of communication channels"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":180,"title":"Inability to forecast execution timelines"},{"id":178,"title":"No control over data access"}]}},"categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. 
Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. 
Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. 
Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. 
Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://cdn.www.carbonblack.com/wp-content/uploads/VMWCB-Case-Study-Indeed.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},"vmware-carbon-black-cloud-for-progress-residential":{"id":1201,"title":"VMware Carbon Black Cloud for Progress Residential","description":"<span style=\"font-weight: bold; \">Summary</span><br />As a large provider of high quality single-family rental homes in the United States, Progress Residential has leveraged the power of a single platform with VMware Carbon Black Cloud. Tasked with the job of investing in cybersecurity, the Progress Residential team sought out a next-generation antivirus (NGAV) solution that would change the way they manage security, and found it with VMware Carbon Black.\r\n<span style=\"font-weight: bold; \">Seeking Sophisticated Prevention</span>\r\nBefore making the switch to VMware Carbon Black, Progress Residential needed to replace their traditional AV solution, Trend Micro, as it was no longer a viable solution for the anticipated growth of the company. 
Progress Residential leadership was looking to make an investment in cybersecurity, and wanted to find an innovative security vendor and solution that would prevent sophisticated attacks, and provide context and visibility into their environment.\r\nThe Progress Residential team began research looking at endpoint protection platforms CrowdStrike and Endgame, and with the help of partner CompuNet and industry peers, VMware Carbon Black was brought into the conversation. Before even approaching the VMware Carbon Black team, Cody Lavallee, IT Infrastructure Manager at Progress Residential, conducted his own research on VMware Carbon Black and found the company’s vision compelling.\r\n<span style=\"font-weight: bold; \">The Advantage of a Single Platform</span>\r\nWith VMware Carbon Black, Progress Residential can take advantage of the PSC platform to save significant time for their SOC team. As Lavallee shared, <span style=\"font-style: italic; \">“I now have the ability for a 24/7 SOC to immediately identify and take action on any issues that come up without needing to reach out to my team at all hours of the day/night.”</span>\r\nThere are also operational benefits from using VMware Carbon Black. Their previous solution lacked response capabilities, and remediation often required a prolonged process. VMware Carbon Black, on the other hand, allows them to solve fundamental problems quickly by leveraging platform functionality such as real-time endpoint query through VMware Carbon Black® Cloud Audit and Remediation. <span style=\"font-style: italic; \">“VMware Carbon Black® Cloud Audit and Remediation was a game changer,”</span> said Lavallee, <span style=\"font-style: italic; \">“it enables us to tell the technology what we need and get the information back.”</span>\r\nThe team also found the visibility available through VMware Carbon Black Cloud Managed Detection™ and its expert threat reports extremely valuable, especially in their onboarding process. 
These VMware Carbon Black Cloud Managed Detection™ reports demonstrated VMware Carbon Black’s ability to improve their security posture to the Progress Residential executive team.\r\nThe products on the cloud platform have consolidated Progress Residential’s security stack, providing exactly what the executive team required of a security vendor. More specifically, the new addition of the threat hunting and incident response solution VMware Carbon Black Cloud Enterprise EDR. The unfiltered visibility via VMware Carbon Black Cloud Enterprise EDR provides actionable versus anomalous activity for their SOC team. <span style=\"font-style: italic; \">“We wanted to stay on the cutting-edge of cybersecurity and Carbon Black Cloud Enterprise EDR provided us with additional security resources to do that”</span> says Lavallee.\r\n<span style=\"font-weight: bold; \">Conclusion</span>\r\nWith the power of a single platform, Progress Residential has been able to improve their security posture and redefine security management for the company. The competition could not compete with the wealth of the products on the VMware Carbon Black Cloud, and neither will the adversaries.","alias":"vmware-carbon-black-cloud-for-progress-residential","roi":0,"seo":{"title":"VMware Carbon Black Cloud for Progress Residential","keywords":"","description":"<span style=\"font-weight: bold; \">Summary</span><br />As a large provider of high quality single-family rental homes in the United States, Progress Residential has leveraged the power of a single platform with VMware Carbon Black Cloud. Tasked with the job of ","og:title":"VMware Carbon Black Cloud for Progress Residential","og:description":"<span style=\"font-weight: bold; \">Summary</span><br />As a large provider of high quality single-family rental homes in the United States, Progress Residential has leveraged the power of a single platform with VMware Carbon Black Cloud. 
Tasked with the job of "},"deal_info":"","user":{"id":5983,"title":"Progress Residential","logoURL":"https://old.roi4cio.com/uploads/roi/company/progress_logo.png","alias":"progress-residential","address":"","roles":[],"description":" Progress Residential is one of the largest providers of high-quality, single-family rental homes in the US, with homes in 16 of the country’s fastest-growing real estate markets. They are modernizing the home rental process, making it easy for people to find, lease, and enjoy their perfect rental home. \r\nOver the past three years, Progress Residential's portfolio has doubled in size to over 30,000 homes.\r\nProgress Residential has a national footprint with their executive office located in Dallas, Texas, their corporate office in Scottsdale, Arizona, and regional offices in Atlanta, Charlotte, Dallas, Houston, Indianapolis, Jacksonville, Las Vegas, Memphis, Miami, Nashville, Orlando, Phoenix, Raleigh, Sarasota, Tampa, and Tucson.\r\n\r\nSource: https://www.linkedin.com/company/progress-residential/about/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":2,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://rentprogress.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Progress Residential","keywords":"","description":" Progress Residential is one of the largest providers of high-quality, single-family rental homes in the US, with homes in 16 of the country’s fastest-growing real estate markets. 
They are modernizing the home rental process, making it easy for people to find,","og:title":"Progress Residential","og:description":" Progress Residential is one of the largest providers of high-quality, single-family rental homes in the US, with homes in 16 of the country’s fastest-growing real estate markets. They are modernizing the home rental process, making it easy for people to find,","og:image":"https://old.roi4cio.com/uploads/roi/company/progress_logo.png"},"eventUrl":""},"supplier":{"id":8858,"title":"CompuNet, Inc","logoURL":"https://old.roi4cio.com/uploads/roi/company/CompuNet_logo.png","alias":"compunet-inc","address":"2264 S. Bonito Way, Suite 150, Meridian, Idaho 83642, US","roles":[],"description":" CompuNet, Inc. is a leading value-added reseller and managed service provider for information technology solutions, with offices in the Western US and headquartered in Meridian, Idaho. Its approach is to understand our clients’ business needs, engineer IT solutions that precisely fit those needs, and deploy those solutions on time and on budget. CompuNet strives to create technology solutions that are a perfect fit with what you want to accomplish today and tomorrow.<br />Source: https://www.linkedin.com/company/compunet/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":1,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.compunet.biz/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"CompuNet, Inc","keywords":"","description":" CompuNet, Inc. is a leading value-added reseller and managed service provider for information technology solutions, with offices in the Western US and headquartered in Meridian, Idaho. 
Its approach is to understand our clients’ business needs, engineer IT sol","og:title":"CompuNet, Inc","og:description":" CompuNet, Inc. is a leading value-added reseller and managed service provider for information technology solutions, with offices in the Western US and headquartered in Meridian, Idaho. Its approach is to understand our clients’ business needs, engineer IT sol","og:image":"https://old.roi4cio.com/uploads/roi/company/CompuNet_logo.png"},"eventUrl":""},"vendors":[{"id":168,"title":"VMware","logoURL":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png","alias":"vmware","address":"","roles":[],"description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server market with VMware GSX Server and VMware ESX Server products. Today, VMware dominates the software virtualization market, controlling most of the global marketplace.<br /><br />The main activities of the company are such areas as software-defined data centers (SDDC), the creation of hybrid clouds (Hybrid Cloud), virtualization of workplaces of corporate users.<br />All VMware software products can be divided into several main categories: server virtualization, desktop virtualization, network virtualization, storage network virtualization, cloud environments.<br /><br />VMware software is used by millions of individuals and tens of thousands of enterprise customers around the world, including nearly all Fortune 100 companies. By leveraging VMware software to address business challenges such as increasing resource efficiency and availability, customers have achieved significant value. 
In particular, customers have reduced the total cost of ownership, increased the return on investment and improved the quality of customer service.<br /><br />VMware is headquartered in Palo Alto, California, USA and is majority owned by Dell EMC.</span>","companyTypes":[],"products":{},"vendoredProductsCount":24,"suppliedProductsCount":32,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":14,"vendorPartnersCount":2,"supplierPartnersCount":97,"b4r":0,"categories":{},"companyUrl":"https://www.vmware.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"VMware","keywords":"VMware, business, with, approach, cloud, modern, data, apps","description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server m","og:title":"VMware","og:description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server m","og:image":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png"},"eventUrl":""}],"products":[{"id":5739,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Enterprise EDR","vendorVerified":1,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-enterprise-edr","companyTypes":[],"description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. 
Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nVMware Carbon Black Enterprise EDR is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. Enterprise EDR is delivered through the VMware Carbon Black Cloud, a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.\r\nUsing data continuously collected and sent to the VMware Carbon Black Cloud, Enterprise EDR provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.\r\nAlong with continuous visibility, Enterprise EDR gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.<br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Complete Endpoint Protection Platform</span></span>\r\nBuilt on the VMware Carbon Black Cloud, Enterprise EDR provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Continuous & Centralized Recording</span></span>\r\nCentralized access to continuously collected data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.\r\n<span style=\"font-weight: bold;\"><span 
style=\"font-style: italic;\">Attack Chain Visualization & Search</span></span>\r\nEnterprise EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Live Response for Remote Remediation</span></span><br />With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Automation via Integrations & Open APIs</span></span>\r\nCarbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Enterprise EDR into their existing security stack.<br /><br /><span style=\"font-weight: bold;\">BENEFITS</span>\r\n\r\n<ul><li>Reduced complexity for more efficient endpoint security</li></ul>\r\n<ul><li>Easy deployment, automated updates, and elastic scalability</li></ul>\r\n<ul><li>Accelerated investigations with continuous endpoint visibility</li></ul>\r\n<ul><li>Complete understanding of root cause to close existing gaps</li></ul>\r\n<ul><li>Secure remote access for investigations</li></ul>\r\n<ul><li>Greatly reduced dwell time and average time to resolution</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Lightweight sensor deployed and managed from the cloud</li></ul>\r\n<ul><li>Process and binary search of centralized, unfiltered data</li></ul>\r\n<ul><li>Out-of-the-box and customizable behavioral detection</li></ul>\r\n<ul><li>Proprietary and third-party threat intel feeds</li></ul>\r\n<ul><li>Automated watchlist store-run 
queries</li></ul>\r\n<ul><li>Interactive and expandable attack chain visualization</li></ul>\r\n<ul><li>Secure remote shell for rapid remediation</li></ul>\r\n<ul><li>Open APIs</li></ul>\r\n<span style=\"font-weight: bold;\"><br />PLATFORMS</span>\r\n<ul><li>Windows</li></ul>\r\n<ul><li>macOS</li></ul>\r\n<ul><li>Red Hat</li></ul>\r\n<ul><li>CentOS</li></ul>","shortDescription":"Cloud-based threat hunting and incident response (IR) solution delivering continuous visibility for top security operations centers (SOC) and IR teams.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Enterprise EDR","keywords":"","description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de","og:title":"VMware Carbon Black Cloud Enterprise EDR","og:description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de"},"eventUrl":"","translationId":5740,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. 
EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6116,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud","vendorVerified":1,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"vmware-carbon-black-cloud","companyTypes":[],"description":" \r\n<span lang=\"EN-US\">VMware Carbon Black Cloud is a cloud native endpoint and workload protection platform (EPP and CWP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweight agent and an easy-to-use console. By analyzing more than 1 trillion security events per day, VMware Carbon Black Cloud proactively uncovers attackers’ behavior patterns and empowers defenders to detect and stop emerging attacks. 
As a key means to realizing intrinsic security, VMware Carbon Black Cloud simplifies and strengthens your approach to security across any app, any cloud, and any device.</span>\r\n\r\n<span style=\"font-weight: bold; \">Adaptive Prevention Delivers Better Protection</span>\r\nThe majority of today’s cyberattacks feature advanced tactics such as lateral movement and island hopping that target legitimate tools to inflict damage. These sophisticated hacking methods pose a tremendous risk to targets with decentralized systems protecting high-value assets, including money, intellectual property and state secrets.\r\nVMware Carbon Black Cloud™ thwarts attacks by making it easier to:\r\n<ul><li>Analyze billions of system events to understand what is normal in your environment</li></ul>\r\n<ul><li>Prevent attackers from abusing legitimate tools</li></ul>\r\n<ul><li>Automate your investigation workflow to respond efficiently</li></ul>\r\nAll of this is unified into one console and one agent, so that infrastructure and InfoSec teams have a single, shared source of truth to improve security together.\r\n<span style=\"font-weight: bold; \">One Platform for Your Endpoint Security Needs</span>\r\nVMware Carbon Black Cloud consolidates multiple endpoint security capabilities using one agent and console, helping you operate faster and more effectively. 
As part of VMware’s intrinsic security approach, VMware Carbon Black Cloud spans the system hardening and threat prevention workflow to accelerate responses and defend against a variety of threats.\r\n<span style=\"font-weight: bold; \">Endpoint standard – next-generation antivirus and behavioral EDR</span>\r\nAnalyze attacker behavior patterns over time to detect and stop never-seen-before attacks, whether they are malware, fileless or living-off-the-land attacks.\r\n<span style=\"font-weight: bold; \">Managed detection – managed alert monitoring and triage</span><br />Gain 24-hour visibility from our security operations center of expert analysts, who provide validation, context into root cause and automated monthly executive reporting.\r\n<span style=\"font-weight: bold; \">Audit and remediation – real-time device assessment and remediation</span>\r\nEasily audit the current system state to track and harden the security posture of all your protected devices.\r\n<span style=\"font-weight: bold; \">Enterprise EDR – threat hunting and containment</span>\r\nProactively hunt for abnormal activity using threat intelligence and customizable detections.","shortDescription":"VMware Carbon Black Cloud is a cloud native endpoint and workload protection platform that combines the intelligent system hardening and behavioral prevention ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud","keywords":"","description":" \r\n<span lang=\"EN-US\">VMware Carbon Black Cloud is a cloud native endpoint and workload protection platform (EPP and CWP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweigh","og:title":"VMware Carbon Black Cloud","og:description":" \r\n<span lang=\"EN-US\">VMware Carbon Black Cloud is a cloud native endpoint and 
workload protection platform (EPP and CWP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweigh"},"eventUrl":"","translationId":6117,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6118,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Audit and Remediation","vendorVerified":1,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-audit-and-remediation","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Real-Time Device Assessment & Remediation</span>\r\nEven the most effective security teams are often forced to play catch up during emergency situations due to limited time and resources to perform regular, proactive analysis and evaluate potential risks.\r\nAny delay during the investigation prolongs downtime and leaves the organization open to increased risk. Once the scope of an attack is understood, dispersed processes and tool sets can cause bottlenecks that delay the remediation of problematic endpoints.\r\nVMware Carbon Black Audit and Remediation is a real-time assessment and remediation solution that gives teams faster, easier access to audit and change the system state of endpoints across their organization.\r\nBy providing administrators with real-time query capabilities from a cloud-native endpoint protection platform, Audit and Remediation enables teams to make quick, confident decisions to harden systems and improve security posture. 
Audit and Remediation closes the gap between security and operations, allowing administrators to perform full investigations and take action to remotely remediate endpoints all from a single solution.<br /><br /><span style=\"font-weight: bold;\">KEY CAPABILITIES</span>\r\n<span style=\"font-weight: bold;\">Single Agent, Cloud Platform</span>\r\nAudit and Remediation is built on the PSC, a cloud-native endpoint protection platform that offers converged prevention, detection, and response with additional services that can be activated as you need them, using the same converged agent, without any additional deployment or infrastructure.\r\n<span style=\"font-weight: bold;\">On-Demand Queries</span>\r\nAudit and Remediation gives your Security & IT Operations team visibility into even the most precise details about the current system state of all endpoints, enabling you to make quick, confident decisions to reduce risk.\r\n<span style=\"font-weight: bold;\">Immediate Remote Remediation</span>\r\nAudit and Remediation closes the gap between security and operations, giving administrators a remote shell directly into endpoints to perform full investigations and remote remediations all from a single cloud-based platform.\r\n<span style=\"font-weight: bold;\">Simplified Operational Reporting</span>\r\nAudit and Remediation allows you to schedule daily, weekly, or monthly queries to automate operational reporting on patch levels, user privileges, disk encryption status and more to track & maintain the desired state of your ever-changing environment.<br /><span style=\"font-weight: bold;\"><br />BENEFITS</span>\r\n<ul><li>Execute a broad range of operational activities quickly and confidently</li></ul>\r\n<ul><li>Establish proactive IT hygiene to prevent attacks</li><li>Build consistency into operational reporting and auditing processes</li></ul>\r\n<ul><li>Remove barriers between security analysis and IT operations</li><li>Extend existing investigation and remediation 
capabilities</li><li>Replace ad hoc scripts and manual tasks with a structured security platform</li><li>Automate operational reporting with scheduled queries</li></ul>\r\n<br /><span style=\"font-weight: bold;\">AUDIT AND REMEDIATION</span>\r\n<ul><li>Leverages the same agent and console as NGAV, EDR and threat hunting platform</li><li>Cloud-based storage of all query results</li><li>Easy access to unified data across Security and IT teams</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Pre-Built Recommended Queries</li><li>SQL query (open text field)</li><li>Query Scheduler</li><li>Copy & Re-run Queries</li><li>Save and favorite queries</li><li>Email notifications</li><li>Filter and group results</li><li>Data export</li><li>Secure shell for remote remediation</li><li>Two-way API</li></ul>\r\n<br /><span style=\"font-weight: bold;\">PLATFORMS</span>\r\n<ul><li>Windows 7 and above</li><li>Windows Server 2008 R2 and above</li><li>MacOS 10.10 and above</li><li>RedHat 6 and above</li><li>CentOS 6 and above</li><li>Ubuntu 16.04 and above</li><li>SUSE 12 and above</li><li>OpenSUSE 15 & 42</li><li>Amazon Linux 2</li></ul>","shortDescription":"VMware Carbon Black® Cloud Audit and Remediation™: Secure sensitive data against advanced attacks with a cloud native endpoint protection platform.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Audit and Remediation","keywords":"","description":"<span style=\"font-weight: bold;\">Real-Time Device Assessment & Remediation</span>\r\nEven the most effective security teams are often forced to play catch up during emergency situations due to limited time and resources to perform regular, proactive analysis","og:title":"VMware Carbon Black Cloud Audit and Remediation","og:description":"<span style=\"font-weight: bold;\">Real-Time Device 
Assessment & Remediation</span>\r\nEven the most effective security teams are often forced to play catch up during emergency situations due to limited time and resources to perform regular, proactive analysis"},"eventUrl":"","translationId":6119,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":465,"title":"UEBA - User and Entity Behavior Analytics","alias":"ueba-user-and-entity-behavior-analytics","description":"Developments in UBA technology led Gartner to evolve the category to user and entity behavior analytics (UEBA). In September 2015, Gartner published the Market Guide for User and Entity Analytics by Vice President and Distinguished Analyst, Avivah Litan, that provided a thorough definition and explanation. UEBA was referred to in earlier Gartner reports but not in much depth. Expanding the definition from UBA includes devices, applications, servers, data, or anything with an IP address. It moves beyond the fraud-oriented UBA focus to a broader one encompassing "malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP." The addition of "entity" reflects that devices may play a role in a network attack and may also be valuable in uncovering attack activity. "When end users have been compromised, malware can lay dormant and go undetected for months. Rather than trying to find where the outsider entered, UEBAs allow for quicker detection by using algorithms to detect insider threats."\r\nParticularly in the computer security market, there are many vendors for UEBA applications. They can be "differentiated by whether they are designed to monitor on-premises or cloud-based software as a service (SaaS) applications; the methods in which they obtain the source data; the type of analytics they use (i.e., packaged analytics, user-driven or vendor-written), and the service delivery method (i.e., on-premises or a cloud-based)." 
According to the 2015 market guide released by Gartner, "the UEBA market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased." The report further projected, "Over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. It will be—and in some cases already is—much easier to discover some security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems."","materialsDescription":"<span style=\"font-weight: bold;\">What is UEBA?</span>\r\nHackers can break into firewalls, send you e-mails with malicious and infected attachments, or even bribe an employee to gain access into your firewalls. Old tools and systems are quickly becoming obsolete, and there are several ways to get past them.\r\nUser and entity behavior analytics (UEBA) gives you a more comprehensive way of making sure that your organization has top-notch IT security, while also helping you detect users and entities that might compromise your entire system.\r\nUEBA is a type of cybersecurity process that takes note of the normal conduct of users. In turn, they detect any anomalous behavior or instances when there are deviations from these “normal” patterns. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and alert them immediately.\r\nUEBA uses machine learning, algorithms, and statistical analyses to know when there is a deviation from established patterns, showing which of these anomalies could result in, potentially, a real threat. 
UEBA can also aggregate the data you have in your reports and logs, as well as analyze the file, flow, and packet information.\r\nIn UEBA, you do not track security events or monitor devices; instead, you track all the users and entities in your system. As such, UEBA focuses on insider threats, such as employees who have gone rogue, employees who have already been compromised, and people who already have access to your system and then carry out targeted attacks and fraud attempts, as well as servers, applications, and devices that are working within your system.\r\n<span style=\"font-weight: bold;\">What are the benefits of UEBA?</span>\r\nIt is the unfortunate truth that today's cybersecurity tools are fast becoming obsolete, and more skilled hackers and cyber attackers are now able to bypass the perimeter defenses that are used by most companies. In the old days, you were secure if you had web gateways, firewalls, and intrusion prevention tools in place. This is no longer the case in today’s complex threat landscape, and it’s especially true for bigger corporations that are proven to have very porous IT perimeters that are also very difficult to manage and oversee.\r\nThe bottom line? Preventive measures are no longer enough. Your firewalls are not going to be 100% foolproof, and hackers and attackers will get into your system at one point or another. This is why detection is equally important: when hackers do successfully get into your system, you should be able to detect their presence quickly in order to minimize the damage.\r\n<span style=\"font-weight: bold;\">How Does UEBA Work?</span>\r\nThe premise of UEBA is actually very simple. You can easily steal an employee’s user name and password, but it is much harder to mimic the person’s normal behavior once inside the network.\r\nFor example, let’s say you steal Jane Doe’s password and user name. 
You would still not be able to act precisely like Jane Doe once in the system unless given extensive research and preparation. Therefore, when Jane Doe’s user name is logged in to the system, and her behavior is different than that of typical Jane Doe, that is when UEBA alerts start to sound.\r\nAnother relatable analogy would be if your credit card was stolen. A thief can pickpocket your wallet and go to a high-end shop and start spending thousands of dollars using your credit card. If your spending pattern on that card is different from the thief’s, the company’s fraud detection department will often recognize the abnormal spending and block suspicious purchases, issuing an alert to you or asking you to verify the authenticity of a transaction.\r\nAs such, UEBA is a very important component of IT security, allowing you to:\r\n1. Detect insider threats. It is not too far-fetched to imagine that an employee, or perhaps a group of employees, could go rogue, stealing data and information by using their own access. UEBA can help you detect data breaches, sabotage, privilege abuse and policy violations made by your own staff.\r\n2. Detect compromised accounts. Sometimes, user accounts are compromised. It could be that the user unwittingly installed malware on his or her machine, or sometimes a legitimate account is spoofed. UEBA can help you weed out spoofed and compromised users before they can do real harm.\r\n3. Detect brute-force attacks. Hackers sometimes target your cloud-based entities as well as third-party authentication systems. With UEBA, you are able to detect brute-force attempts, allowing you to block access to these entities.\r\n4. Detect changes in permissions and the creation of super users. Some attacks involve the use of super users. UEBA allows you to detect when super users are created, or if there are accounts that were granted unnecessary permissions.\r\n5. Detect breach of protected data. 
If you have protected data, it is not enough to just keep it secure. You should know when a user accesses this data when he or she does not have any legitimate business reason to access it.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_User_and_Entity_Behavior_Analytics.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6120,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Endpoint Standard","vendorVerified":1,"rating":"2.80","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-endpoint-standard","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defend your organization from today’s advanced cyber attacks.\r\nThe VMware Carbon Black Cloud Endpoint Standard is a next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution that protects against the full spectrum of modern cyber attacks. Using the VMware Carbon Black Cloud’s universal agent and console, the solution applies behavioral analytics to endpoint events to streamline detection, prevention, and response to cyber attacks.\r\n<span style=\"font-weight: bold;\">Multi-level protection</span>\r\nCyber attackers are innovating faster than traditional defenses can withstand. Our next-generation antivirus (NGAV) solution employs multiple protection layers including file reputation and heuristics, machine learning, and behavioral models to analyze endpoint activity and block malicious behavior to stop all types of attacks before they reach critical systems. 
With flexible behavioral prevention policies, protection is easily tailored to your organization’s distinct needs.\r\n<span style=\"font-weight: bold;\">Enhance endpoint protection and operations</span>\r\nPrevent malicious attacks on your organization’s resources with a single NGAV and endpoint detection and response solution offering comprehensive prevention and endpoint activity analysis capabilities, and free up resources with our easy-to-use cloud platform for fast integration into your existing systems.\r\n\r\n<span style=\"font-weight: bold;\">Features:</span>\r\n<span style=\"font-weight: bold;\">Protection from known and emerging attacks and in-product alerts on the latest attacks from our security experts</span>\r\n<ul> <li>Comprehensive protection of your organization’s data and customer information from malware, non-malware and living off the land (LotL) attacks.</li> <li>Simplified deployment and operation with out-of-the-box policies to adapt protection to your organization.</li> </ul>\r\n<ul> <li>Stay up to date on the latest attacks with in-product updates from our expert Threat Analysis Unit (TAU).</li> </ul>\r\n<span style=\"font-weight: bold;\">Prioritized alerts, attack chain visualizations, and in-product response capabilities</span>\r\n<ul> <li>Save money and time investigating and responding to incidents. 
With visibility into the entire attack chain and endpoint activity analysis, there’s no need to spend time tracking down which of your systems were affected and when.</li> </ul>\r\n<ul> <li>Respond remotely and minimize downtime to endpoints with a tool that allows you to instantly roll back attacks from the console.</li> </ul>\r\n<span style=\"font-weight: bold;\">Flexible security policies</span>\r\n<ul> <li>Tailor policies to your organization’s specific needs for easy integration into your existing systems and security practices, with fewer false positives.</li> </ul>\r\n<span style=\"font-weight: bold;\">Single agent and cloud-native platform</span>\r\n<ul> <li>Simplify your security stack and return critical CPU cycles while improving performance on endpoints with an easy-to-use, single cloud platform and agent.</li> </ul>\r\n<span style=\"font-weight: bold;\">Active, engaged user community of internal security experts and peers</span>\r\n<ul> <li>Get answers fast on how to use the product, and learn about the latest attacks and remediation tips from our expert Threat Analysis team and industry peers, with access to our User Exchange community.</li> </ul>\r\n<br /><span style=\"font-weight: bold;\">Benefits:</span>\r\n<ul> <li>Protection from known and unknown attacks</li> </ul>\r\n<ul> <li>Clear alerts and prioritization of potential attacks</li> </ul>\r\n<ul> <li>Easier investigation into security incidents</li> </ul>\r\n<ul> <li>Faster mean time to resolution (MTTR)</li> </ul>\r\n<ul> <li>Reduced overhead; no infrastructure required</li> </ul>\r\n<br /><span style=\"font-weight: bold;\">Operating Systems:</span>\r\n<ul> <li>Windows: Windows 7/8/10</li> </ul>\r\n<ul> <li>macOS X: 10.6.8+</li> </ul>\r\n<ul> <li>Linux RedHat (RHEL) & CentOS 6/7</li> </ul>\r\n<ul> <li>Windows 2008 R2</li> </ul>\r\n<ul> <li>Windows 2012</li> </ul>\r\n<ul> <li>Windows 2012 R2</li> </ul>\r\n<ul> <li>Windows 2016</li> </ul>\r\n<ul> <li>Windows 2019</li> 
</ul>","shortDescription":"VMware Carbon Black Cloud Endpoint Standard - next-generation antivirus and behavioral EDR delivers prevention for today’s advanced cyberattacks\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Endpoint Standard","keywords":"","description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defen","og:title":"VMware Carbon Black Cloud Endpoint Standard","og:description":"<span style=\"font-weight: bold;\">Prevention for Today’s Advanced Cyber Attacks</span>\r\nProtect your organization and customer data with an easy-to-manage, cloud-native endpoint protection platform (EPP) that combines prevention and automated detection to defen"},"eventUrl":"","translationId":6121,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). 
The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. 
Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. 
Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6130,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Managed Detection","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-managed-detection","companyTypes":[],"description":"As enterprises face a shortage of skilled security professionals, security teams often spend too much time monitoring and validating alerts, which limits their ability to address other security needs. 
Even more concerning, when attacks occur, many security analysts are limited by the tools and data available for analysis in their own environment. This is compounded by lack of visibility into the history of the event. \r\nCarbon Black Cloud Managed Detection provides a much needed view into attacks with recommendations for the policy changes needed to remediate the threat. Managed Detection Analysts notify service subscribers via email of threats and provide specific policy changes to address the threat in Carbon Black Cloud Next Gen AV and Behavioral EDR. Built directly on the Carbon Black Cloud platform, CB Managed Detection is staffed by a world-class team of security experts who monitor and analyze the data in the Carbon Black Cloud using advanced machine learning and algorithmic tool sets.<br />Offered as a managed service, Managed Detection provides a world-class team of Carbon Black security experts who work with your organization to validate and prioritize alerts, uncover new threats and accelerate investigations. <br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Threat Validation and Insight</span></span>\r\nWith 24x7x365 coverage, your team can have true peace of mind knowing that nothing will slip through the cracks. 
Carbon Black’s security experts proactively validate alerts and send email notifications, helping to assure that your team doesn’t miss the alerts that matter.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Roadmap to Root Cause</span></span>\r\nCarbon Black Managed Detection provides additional, human-generated context to Carbon Black NGAV and Behavioral EDR alerts, such as connecting alerts caused by the same root cause, to help you streamline investigations and resolve security issues.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Outbreak Advisories</span></span>\r\nCarbon Black’s Threat Analysis Unit constantly monitors threat trends across the globe. When widespread and newsworthy outbreaks occur our team sends out advisories that include indicators of compromise, giving your team a jump start on assessing risk and closing gaps.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Monthly Reporting</span></span>\r\nOur Carbon Black Managed Detection experts provide monthly reports that summarize activity across your environment, including the most common suspicious events and most targeted machines. 
These reports provide a starting point for refining policies, help your team see big-picture trends and make reporting effortless.<br /><br /><span style=\"font-weight: bold;\">BENEFITS</span>\r\n<ul><li>More efficient and proactive security operations</li></ul>\r\n<ul><li>More actionable alerts, reducing alert fatigue</li></ul>\r\n<ul><li>Notifications provide analysts with the information needed to keep their leadership aware of threats and mitigations.</li></ul>\r\n<ul><li>Reduced time spent investigating root cause</li></ul>\r\n<ul><li>Alleviation of staffing pressures with 24x7 support</li></ul>\r\n<ul><li>Clearer view of security trends to help guide policy</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Threat validation</li></ul>\r\n<ul><li>Email alerts</li></ul>\r\n<ul><li>Root cause analysis</li></ul>\r\n<ul><li>Threat advisories</li></ul>\r\n<ul><li>Monthly reports</li></ul>\r\n<br /><span style=\"font-weight: bold;\">PLATFORMS</span>\r\nCarbon Black Managed Detection is an add-on service to Carbon Black NGAV and Behavioral EDR, which supports:\r\n<ul><li>Windows: Windows 7/8/10</li></ul>\r\n<ul><li>Mac OS X: 10.6.8+</li></ul>\r\n<ul><li>Server: <br />Windows 2008<br />Windows 2012<br />Windows 2016</li></ul>","shortDescription":"Take fast action and gain real-time threat insights from dedicated managed alert monitoring and triage services.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Managed Detection","keywords":"","description":"As enterprises face a shortage of skilled security professionals, security teams often spend too much time monitoring and validating alerts, which limits their ability to address other security needs. 
Even after controlling the number of avenues through which information can enter, after the implementation of perimeter security, the cyber attackers still find ways to piggyback across valid communication channels.\r\nSecure Content Management technologies have evolved rapidly over the last few years due to the complexity of threats associated with email and web gateways. Businesses are increasingly focusing on eliminating this threat by adopting the 2 gateways, rather than the purely productive driven anti-spam and web-filtering techniques.\r\nSecure Content Management solutions are gaining traction due to the increased need for handling voluminous content that is getting generated in organizations on a daily basis. The rising adoption of digitalization, Bring Your Own Device (BYOD), growth of e-commerce, and social media has increased the amount of content generated in inter-organizations and intra-organizations.\r\nSCM solutions offer clients with the benefit of paper-free workflow, accurate searching of the required information, and better information sharing, and also addresses required industry standards and regulations. 
SCM solutions enable clients with handling essential enterprise information and save time and cost associated with searching for the required business data for making key business decisions.\r\nThe solutions offered for Secure Content Management includes:\r\n<span style=\"font-style: italic;\">Anti-Spam:</span> Spam Filters are introduced for spam e-mail which not only consumes time and money but also network and mail server resources.\r\n<span style=\"font-style: italic;\">Web Surfing:</span> Limiting the websites that end-users are allowed to access will increase work productivity, ensure maximum bandwidth availability and lower the liability issues.\r\n<span style=\"font-style: italic;\">Instant Messaging:</span> Convenient and growing, but difficult to handle, this technology serves as a back door for viruses and worms to enter your network. It also provides a way for sensitive information to be shared over the network.<br /><br /><br />","materialsDescription":" <span style=\"font-weight: bold;\">What are the reasons for adopting secure content management?</span>\r\nFollowing are the reasons for creating the need for secure content management:\r\n<ul><li>Lost productivity</li><li>Introduction of malicious code</li><li>Potential liability</li><li>Wasted network resources</li><li>Control over intellectual property</li><li>Regulatory Compliance</li></ul>\r\nBecause of these reasons, there is rising concern over the security of the organization and creating the need for the adoption of Secure content Management from the clients.\r\n<span style=\"font-weight: bold;\">Strategy Adopted for implementing Secure Content Management</span>\r\nThe strategy applied for Secure Content Management includes the 4 step process including\r\n<span style=\"font-weight: bold;\">Discover</span> involves Identifying and Defining the process of Data Management and collecting the data created.\r\n<span style=\"font-weight: bold;\">Classify</span> is the process of identifying critical 
data and segregating between secure information and unstructured information.\r\n<span style=\"font-weight: bold;\">Control</span> involves the process of data cleansing, Encrypting the digital content and Securing critical information.\r\n<span style=\"font-weight: bold;\">Govern</span> is the process of creating Service Level Agreements for usage rules, retention rules.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Content_and_Threat_Management.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":254,"title":"Centralize management"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":180,"title":"Inability to forecast execution timelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":348,"title":"No centralized control over IT systems"},{"id":354,"title":"Low bandwidth data channels"},{"id":370,"title":"No automated business processes"},{"id":376,"title":"Unstructured data"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":397,"title":"Insufficient risk management"}]}},"categories":[{"id":838,"title":"Endpoint Detection and 
Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. 
If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":335,"title":"Secure Content and Threat Management","alias":"secure-content-and-threat-management","description":" Secure content management is the set of processes and technologies that supports the collection, managing, and publishing of information. It involves processes for protecting the company from viruses, spam and undesirable web pages to not only provide enhanced security but also address productivity and potential human resources issues. Even after controlling the number of avenues through which information can enter, after the implementation of perimeter security, the cyber attackers still find ways to piggyback across valid communication channels.\r\nSecure Content Management technologies have evolved rapidly over the last few years due to the complexity of threats associated with email and web gateways. 
Businesses are increasingly focusing on eliminating this threat by adopting the 2 gateways, rather than the purely productive driven anti-spam and web-filtering techniques.\r\nSecure Content Management solutions are gaining traction due to the increased need for handling voluminous content that is getting generated in organizations on a daily basis. The rising adoption of digitalization, Bring Your Own Device (BYOD), growth of e-commerce, and social media has increased the amount of content generated in inter-organizations and intra-organizations.\r\nSCM solutions offer clients with the benefit of paper-free workflow, accurate searching of the required information, and better information sharing, and also addresses required industry standards and regulations. SCM solutions enable clients with handling essential enterprise information and save time and cost associated with searching for the required business data for making key business decisions.\r\nThe solutions offered for Secure Content Management includes:\r\n<span style=\"font-style: italic;\">Anti-Spam:</span> Spam Filters are introduced for spam e-mail which not only consumes time and money but also network and mail server resources.\r\n<span style=\"font-style: italic;\">Web Surfing:</span> Limiting the websites that end-users are allowed to access will increase work productivity, ensure maximum bandwidth availability and lower the liability issues.\r\n<span style=\"font-style: italic;\">Instant Messaging:</span> Convenient and growing, but difficult to handle, this technology serves as a back door for viruses and worms to enter your network. 
It also provides a way for sensitive information to be shared over the network.<br /><br /><br />","materialsDescription":" <span style=\"font-weight: bold;\">What are the reasons for adopting secure content management?</span>\r\nFollowing are the reasons for creating the need for secure content management:\r\n<ul><li>Lost productivity</li><li>Introduction of malicious code</li><li>Potential liability</li><li>Wasted network resources</li><li>Control over intellectual property</li><li>Regulatory Compliance</li></ul>\r\nBecause of these reasons, there is rising concern over the security of the organization and creating the need for the adoption of Secure content Management from the clients.\r\n<span style=\"font-weight: bold;\">Strategy Adopted for implementing Secure Content Management</span>\r\nThe strategy applied for Secure Content Management includes the 4 step process including\r\n<span style=\"font-weight: bold;\">Discover</span> involves Identifying and Defining the process of Data Management and collecting the data created.\r\n<span style=\"font-weight: bold;\">Classify</span> is the process of identifying critical data and segregating between secure information and unstructured information.\r\n<span style=\"font-weight: bold;\">Control</span> involves the process of data cleansing, Encrypting the digital content and Securing critical information.\r\n<span style=\"font-weight: bold;\">Govern</span> is the process of creating Service Level Agreements for usage rules, retention rules.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Content_and_Threat_Management.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://cdn.www.carbonblack.com/wp-content/uploads/VMWCB-Case-Study-Progress-Residential.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},"vmware-carbon-black-edr-for-asrc-federal":{"id":1196,"title":"VMware Carbon Black EDR for 
ASRC Federal","description":"<span style=\"font-weight: bold;\">ASRC Federal Reduces Investigation Time with VMware Carbon Black</span>\r\nASRC Federal has approximately 500 endpoints throughout the United States, and administering a variety of tools for threat protection and endpoint detection and response (EDR) has added an unnecessary complexity. Additionally, the time to detect and investigate threats was too long. VMware Black® Hosted EDR™ allowed ASRC Federal to streamline endpoint detection and response while markedly lowering their incident-closure time.\r\n<span style=\"font-weight: bold;\">Managing EDR in the cloud</span>\r\nWhen ASRC Federal was evaluating EDR solutions, they focused on cloud-based offerings due to lower administrative overhead. During their evaluation, they found VMware Carbon Black to be the more sophisticated cloud-based solution with a seamless deployment. ASRC Federal’s Cyber Security Architect Brad Berkemier notes,<br /><span style=\"font-style: italic;\">“Deploying the agents was so easy. And the cloud-managed model was perfect for us. Cloud was something a lot of other companies were lagging behind on. They had it on their roadmap, but VMware Carbon Black had it already in the cloud and ready for us.”</span>\r\nThe team also recognized the value of VMware Carbon Black’s customer service: “I can put a ticket in, call support and it’s just done,” says Cyber Security Engineer Sean Malhotra. “My focus stays on [what’s] important and doesn’t deviate to anything else, which is beautiful.”<br /><br /><span style=\"font-weight: bold;\">Results</span>\r\nASRC Federal describes Carbon Black Hosted EDR as “a boon to the team,” enabling them to drastically reduce the time from threat detection to incident resolution. 
They can now focus on other important tasks with the confidence that their infrastructure is well protected.","alias":"vmware-carbon-black-edr-for-asrc-federal","roi":0,"seo":{"title":"VMware Carbon Black EDR for ASRC Federal","keywords":"","description":"<span style=\"font-weight: bold;\">ASRC Federal Reduces Investigation Time with VMware Carbon Black</span>\r\nASRC Federal has approximately 500 endpoints throughout the United States, and administering a variety of tools for threat protection and endpoint detecti","og:title":"VMware Carbon Black EDR for ASRC Federal","og:description":"<span style=\"font-weight: bold;\">ASRC Federal Reduces Investigation Time with VMware Carbon Black</span>\r\nASRC Federal has approximately 500 endpoints throughout the United States, and administering a variety of tools for threat protection and endpoint detecti"},"deal_info":"","user":{"id":8844,"title":"ASRC Federal","logoURL":"https://old.roi4cio.com/uploads/roi/company/ASRC_Federal_logo.png","alias":"asrc-federal","address":"7000 Muirkirk Meadows Drive, Suite 100 Beltsville, MD 20705, US","roles":[],"description":" ASRC Federal Holding Company is the government services subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation owned by approximately 13,000 Iñupiat shareholders.<br />ASRC Federal Holding Company supports a family of companies that provide a broad range of services to federal civilian, intelligence and defense agencies. The Company, through its subsidiaries, provides federal customer support services in engineering, aviation, and transportation. ASRC Federal offers services to satellite and radar systems, space and missile defense, and federal data centers.<br />ASRC Federal Holding Company is headquartered in the metro DC area and has office locations located throughout the U.S. such as Colorado, Florida, New Jersey, Arizona and Alabama. 
","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.asrcfederal.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"ASRC Federal","keywords":"","description":" ASRC Federal Holding Company is the government services subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation owned by approximately 13,000 Iñupiat shareholders.<br />ASRC Federal Holding Company supports a family of companies that pro","og:title":"ASRC Federal","og:description":" ASRC Federal Holding Company is the government services subsidiary of Arctic Slope Regional Corporation, an Alaska Native Corporation owned by approximately 13,000 Iñupiat shareholders.<br />ASRC Federal Holding Company supports a family of companies that pro","og:image":"https://old.roi4cio.com/uploads/roi/company/ASRC_Federal_logo.png"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information 
is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":168,"title":"VMware","logoURL":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png","alias":"vmware","address":"","roles":[],"description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server market with VMware GSX Server and VMware ESX Server products. Today, VMware dominates the software virtualization market, controlling most of the global marketplace.<br /><br />The main activities of the company are such areas as software-defined data centers (SDDC), the creation of hybrid clouds (Hybrid Cloud), virtualization of workplaces of corporate users.<br />All VMware software products can be divided into several main categories: server virtualization, desktop virtualization, network virtualization, storage network virtualization, cloud environments.<br /><br />VMware software is used by millions of individuals and tens of thousands of enterprise customers around the world, including nearly all Fortune 100 companies. By leveraging VMware software to address business challenges such as increasing resource efficiency and availability, customers have achieved significant value. 
In particular, they have reduced the total cost of ownership, increased the return on investment and improved the quality of customer service.<br /><br />VMware is headquartered in Palo Alto, California, USA and is majority owned by Dell EMC.</span>","companyTypes":[],"products":{},"vendoredProductsCount":24,"suppliedProductsCount":32,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":14,"vendorPartnersCount":2,"supplierPartnersCount":97,"b4r":0,"categories":{},"companyUrl":"https://www.vmware.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"VMware","keywords":"VMware, business, with, approach, cloud, modern, data, apps","description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server m","og:title":"VMware","og:description":"<span style=\"color: rgb(97, 97, 97); \">VMware was founded in 1998 and initially focused on the development of virtual machine technologies for standard computers. In 1999, VMware released its first product, VMware Workstation, and in 2001 entered the server m","og:image":"https://old.roi4cio.com/uploads/roi/company/vmware_logo.png"},"eventUrl":""}],"products":[{"id":5739,"logo":false,"scheme":false,"title":"VMware Carbon Black Cloud Enterprise EDR","vendorVerified":1,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-enterprise-edr","companyTypes":[],"description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. 
Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nVMware Carbon Black Enterprise EDR is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. Enterprise EDR is delivered through the VMware Carbon Black Cloud, a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.\r\nUsing data continuously collected and sent to the VMware Carbon Black Cloud, Enterprise EDR provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.\r\nAlong with continuous visibility, Enterprise EDR gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.<br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Complete Endpoint Protection Platform</span></span>\r\nBuilt on the VMware Carbon Black Cloud, Enterprise EDR provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Continuous & Centralized Recording</span></span>\r\nCentralized access to continuously collected data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.\r\n<span style=\"font-weight: bold;\"><span 
style=\"font-style: italic;\">Attack Chain Visualization & Search</span></span>\r\nEnterprise EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Live Response for Remote Remediation</span></span><br />With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Automation via Integrations & Open APIs</span></span>\r\nCarbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Enterprise EDR into their existing security stack.<br /><br /><span style=\"font-weight: bold;\">BENEFITS</span>\r\n\r\n<ul><li>Reduced complexity for more efficient endpoint security</li></ul>\r\n<ul><li>Easy deployment, automated updates, and elastic scalability</li></ul>\r\n<ul><li>Accelerated investigations with continuous endpoint visibility</li></ul>\r\n<ul><li>Complete understanding of root cause to close existing gaps</li></ul>\r\n<ul><li>Secure remote access for investigations</li></ul>\r\n<ul><li>Greatly reduced dwell time and average time to resolution</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Lightweight sensor deployed and managed from the cloud</li></ul>\r\n<ul><li>Process and binary search of centralized, unfiltered data</li></ul>\r\n<ul><li>Out-of-the-box and customizable behavioral detection</li></ul>\r\n<ul><li>Proprietary and third-party threat intel feeds</li></ul>\r\n<ul><li>Automated watchlist store-run 
queries</li></ul>\r\n<ul><li>Interactive and expandable attack chain visualization</li></ul>\r\n<ul><li>Secure remote shell for rapid remediation</li></ul>\r\n<ul><li>Open APIs</li></ul>\r\n<span style=\"font-weight: bold;\"><br />PLATFORMS</span>\r\n<ul><li>Windows</li></ul>\r\n<ul><li>macOS</li></ul>\r\n<ul><li>Red Hat</li></ul>\r\n<ul><li>CentOS</li></ul>","shortDescription":"Cloud-based threat hunting and incident response (IR) solution delivering continuous visibility for top security operations centers (SOC) and IR teams.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Enterprise EDR","keywords":"","description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de","og:title":"VMware Carbon Black Cloud Enterprise EDR","og:description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de"},"eventUrl":"","translationId":5740,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. 
EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities even as they attempt to breach your environment, and to stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6076,"logo":false,"scheme":false,"title":"VMware Carbon Black Endpoint Detection and Response (EDR)","vendorVerified":1,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"vmware-carbon-black-endpoint-detection-and-response-edr","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Threat Hunting & Incident Response for Hybrid Deployments</span>\r\nEnterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Security and IT professionals lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nCarbon Black EDR is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. 
Carbon Black EDR continuously records and stores comprehensive endpoint activity data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior.\r\nTop SOC teams, IR firms and MSSPs have adopted Carbon Black EDR as a core component of their detection and response capability stack. Customers that augment or replace legacy antivirus solutions with Carbon Black EDR do so because those legacy solutions lack visibility and context, leaving customers blind to attacks. Carbon Black EDR is available via MSSP or directly via on-premises deployment, virtual private cloud or software as a service.<br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-style: italic;\">Continuous and Centralized Recording</span>\r\nCentralized access to continuously recorded endpoint data means that security professionals have the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.\r\n<span style=\"font-style: italic;\">Live Response for Remote Remediation</span>\r\nWith Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.\r\n<span style=\"font-style: italic;\">Attack Chain Visualization and Search</span>\r\nCarbon Black EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. 
Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps and learn from every new attack technique to avoid falling victim to the same attack twice.\r\n<span style=\"font-style: italic;\">Automation via Integrations and Open APIs</span>\r\nCarbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Carbon Black EDR into their existing security stack.<br /><span style=\"font-weight: bold;\"><br />BENEFITS</span>\r\n<ul><li>Faster end-to-end response and remediation</li></ul>\r\n<ul><li>Accelerated IR and threat hunting with continuous endpoint visibility</li></ul>\r\n<ul><li>Rapid identification of attacker activities and root cause</li></ul>\r\n<ul><li>Secure remote access to infected endpoints for in-depth investigation</li></ul>\r\n<ul><li>Better protection from future attacks through automated hunting</li></ul>\r\n<ul><li>Unlimited retention and scale for the largest installations</li></ul>\r\n<ul><li>Reduced IT headaches from reimaging and helpdesk tickets</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Out-of-the-box and customizable behavioral detection</li></ul>\r\n<ul><li>Multiple, customizable threat intel feeds</li></ul>\r\n<ul><li>Automated watchlists capture queries</li></ul>\r\n<ul><li>Process and binary search of centralized data</li></ul>\r\n<ul><li>Interactive attack chain visualization</li></ul>\r\n<ul><li>Live Response for rapid remediation</li></ul>\r\n<ul><li>Open APIs and 120+ out-of-the-box integrations</li></ul>\r\n<ul><li>On-prem, virtual private cloud, SaaS, or MSSP</li></ul>\r\n\r\n<span style=\"font-weight: bold;\">PLATFORMS</span>\r\nSensor Support:\r\n<ul><li>Windows & Windows Server</li></ul>\r\n<ul><li>MacOS</li></ul>\r\n<ul><li>Red Hat</li></ul>\r\n<ul><li>CentOS</li></ul>\r\n<ul><li>Oracle RHCK</li></ul>\r\n<ul><li>SuSE</li></ul>\r\nDeployment Options:\r\n<ul><li>Clouds or 
On-Premise</li></ul>","shortDescription":"Threat hunting and incident response solution delivers continuous visibility in offline, air-gapped and disconnected environments using threat intel and customizable detections.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Endpoint Detection and Response (EDR)","keywords":"","description":"<span style=\"font-weight: bold;\">Threat Hunting & Incident Response for Hybrid Deployments</span>\r\nEnterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Secu","og:title":"VMware Carbon Black Endpoint Detection and Response (EDR)","og:description":"<span style=\"font-weight: bold;\">Threat Hunting & Incident Response for Hybrid Deployments</span>\r\nEnterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Secu"},"eventUrl":"","translationId":6077,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities even as they attempt to breach your environment, and to stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connection to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. 
While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":10,"title":"Ensure Compliance"},{"id":254,"title":"Centralize management"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":397,"title":"Insufficient risk management"},{"id":393,"title":"Complex and non-transparent business processes"},{"id":387,"title":"Non-compliant with IT security requirements"},{"id":384,"title":"Risk of attacks by hackers"},{"id":356,"title":"High costs of routine operations"},{"id":348,"title":"No centralized control over IT systems"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":395,"title":"Decentralization of management"}]}},"categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. 
EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities even as they attempt to breach your environment, and to stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connection to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. 
While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://cdn.www.carbonblack.com/wp-content/uploads/VMWCB-Case-Study-ASRC-Federal.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0}},"aliases":{"1":["vmware-carbon-black-cloud-endpoint-standard-and-enterprise-edr-for-indeed","vmware-carbon-black-cloud-for-progress-residential","vmware-carbon-black-edr-for-asrc-federal"]},"links":{"first":"http://b4r_be/api/implementations?page=1","last":"http://b4r_be/api/implementations?page=1","prev":null,"next":null},"meta":{"current_page":1,"from":1,"last_page":1,"path":"http://b4r_be/api/implementations","per_page":20,"to":3,"total":3},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}