TrustRadius
https://media.trustradius.com/product-logos/s4/U6/76DTIOBSOFIM.PNGCb Response is great for endpoint investigation and responseCb Response is used to investigate an endpoint. Investigate is a broad term and CarbonBlack allows us to perform numerous types of investigations. These range from finding out what happened on an endpoint, where, when, and how. This is not only used for tracking down suspicious or malicious behavior but also for human resources/legal use cases. What was a person doing during their day, what did they browse to (ability to pull the internet history files), what programs are they running, etc. This tool is also used to isolate/quarantine a host from the rest of the network so that it can be investigated safely. CB Response has numerous threat feeds out of the box and also allows you to input your own threat intelligence to build watchlists and alerts for analysts to investigate. Overall this is a great tool and is used everyday.,Process tree view of endpoint activity Ability to pull files from host Threat Intelligence integration Isolate a host,Needs more defensive abilities,8,Increased visibility across the enterprise for threats Rapid ability to investigate and remediate threats,FireEye Endpoint Security
Unspecified
Cb Response
2 Ratings
Score 8.0 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Cb Response Reviews

Cb Response
2 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.0 out of 101

Do you work for this company? Manage this listing

Show Filters 
Hide Filters 
Filter 2 vetted Cb Response reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role

Reviews (1-1 of 1)

Do you use this product? Write a Review
No photo available
June 12, 2019

Cb Response is great for endpoint investigation and response

Score 8 out of 10
Vetted Review
Verified User
Review Source
Cb Response is used to investigate an endpoint. Investigate is a broad term and CarbonBlack allows us to perform numerous types of investigations. These range from finding out what happened on an endpoint, where, when, and how. This is not only used for tracking down suspicious or malicious behavior but also for human resources/legal use cases. What was a person doing during their day, what did they browse to (ability to pull the internet history files), what programs are they running, etc. This tool is also used to isolate/quarantine a host from the rest of the network so that it can be investigated safely. CB Response has numerous threat feeds out of the box and also allows you to input your own threat intelligence to build watchlists and alerts for analysts to investigate. Overall this is a great tool and is used everyday.
  • Process tree view of endpoint activity
  • Ability to pull files from host
  • Threat Intelligence integration
  • Isolate a host
  • Needs more defensive abilities
Investigating suspicious behavior on an endpoint, ability to kill processes and run files on the host. Ability to view every change made on a system in a timeline format. Ability to search across the enterprise for indicators of compromise. Ability to pull files from the host for further analysis. Ability to safely communicate with an endpoint by isolating it from the rest of the network
Read this authenticated review

Cb Response Scorecard Summary

Feature Scorecard Summary

Company-wide Incident Reporting (1)
8
Integration with Other Security Systems (1)
8
Attack Chain Visualization (1)
10
Centralized Dashboard (1)
10
Machine Learning to Prevent Incidents (1)
3
Live Response for Rapid Remediation (1)
9

About Cb Response

Carbon Black offers Cb Response, an IR and threat hunting solution. Cb Response gives users visibility through continuous recording of all activity on their endpoints. Capturing all threat activity, users can visualize the attack kill chain to hunt threats in real time allowing them to respond and remediate issues that occur on their endpoints.

According to the vendor, the result of this insight is zero-gap endpoint visibility, where investigations never hit a dead end. Users will always know the root cause to address their weakness. Additionally, the vendor says Cb Response is the single console for all detection, triage investigation, attack intervention, and remediation.

Categories:  Incident Response

Cb Response Integrations

Infoblox

Cb Response Competitors

Cb Response Technical Details

Operating Systems: Unspecified
Mobile Application:No
Supported Languages: English