VMware Carbon Black EDR is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores comprehensive endpoint activity data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior.
Top SOC teams, IR firms and MSSPs have adopted Carbon Black EDR as a core component of their detection and response capability stack. Customers that augment or replace legacy antivirus solutions with Carbon Black EDR do so because those legacy solutions lack visibility and context, leaving customers blind to attacks.
- Faster end-to-end response and remediation
- Accelerated IR and threat hunting with continuous endpoint visibility
- Rapid identification of attacker activities and root cause
- Secure remote access to infected endpoints for in-depth investigation
- Better protection from future attacks through automated hunting
- Unlimited retention and scale for the largest installations
- Reduced IT headaches from reimaging and helpdesk tickets
For more information, visit https://www.carbonblack.com/products/endpoint-detection-and-response/