Carbon Black EDR is an on-premise incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements.
N/A
Huntress
Score 9.3 out of 10
N/A
Huntress is a security platform that surfaces hidden threats, vulnerabilities, and exploits.
The platform helps IT resellers protect their customers from persistent footholds, ransomware and other attacks.
We are able to check if any phishing link was visited by the user or not. To check for the whether any file is executed on the machine or not. To check on which port connections are being made by the machine. To create custom watchlist for alert to be investigated by an analyst. To check every process executed in the machine for a specified range.
Huntress is great for a managed service provider to provide a better cybersecurity stack to their endpoints/customers. Some smaller clients cannot afford high-priced SOC services but require SOC-level protection. Along with a couple of other layers of security, Huntress provides peace of mind for the MSP that if a threat were to arise, they would be notified with specific instructions for dealing with that threat.
Using the latest industry knowledge of threats that have been ongoing, but not previously known and projecting it back in time against their installed endpoints to identify machines that are vulnerable or breached and when it these events occurred
Very quiet. If they alert, it is a thing.
Very good at remediation.
They communicate extremely well when it matters.
While there are the most extensive products more often than not they are the first to alert us to a threat.
We dropped SentinelOne in favor of Huntress because the UI was much more simplistic for the tier 1 techs to maintain. It beats the old web design model of three clicks to where you want to go. It is very intuitive. No one needs training to figure out how to navigate its console.
CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.
Firstly from a business model, [VMware] Carbon Black [Cloud Managed Detection] was not outfitted for the MSP where Huntress is very MSP-friendly from an affordably easy point to entry to value for money licensing. Carbon Black TS is not bad in anyway, well, that we found, but Huntress is a new layer of security that fits between the OS and AV layers to provide additional information, monitoring, and detection. With Huntress backing the MSP, [it] sure does help as well.
