VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response) Reviews

2 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.0 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-1 of 1)

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Cb Response is used to investigate an endpoint. Investigate is a broad term and CarbonBlack allows us to perform numerous types of investigations. These range from finding out what happened on an endpoint, where, when, and how. This is not only used for tracking down suspicious or malicious behavior but also for human resources/legal use cases. What was a person doing during their day, what did they browse to (ability to pull the internet history files), what programs are they running, etc. This tool is also used to isolate/quarantine a host from the rest of the network so that it can be investigated safely. CB Response has numerous threat feeds out of the box and also allows you to input your own threat intelligence to build watchlists and alerts for analysts to investigate. Overall this is a great tool and is used everyday.
  • Process tree view of endpoint activity
  • Ability to pull files from host
  • Threat Intelligence integration
  • Isolate a host
  • Needs more defensive abilities
Investigating suspicious behavior on an endpoint, ability to kill processes and run files on the host. Ability to view every change made on a system in a timeline format. Ability to search across the enterprise for indicators of compromise. Ability to pull files from the host for further analysis. Ability to safely communicate with an endpoint by isolating it from the rest of the network
Read this authenticated review

VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response) Scorecard Summary

Feature Scorecard Summary

Company-wide Incident Reporting (1)
8
Integration with Other Security Systems (1)
8
Attack Chain Visualization (1)
10
Centralized Dashboard (1)
10
Machine Learning to Prevent Incidents (1)
3
Live Response for Rapid Remediation (1)
9

About VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response)

VMware Carbon Black Enterprise Endpoint Detection & Response (EDR), formerly CB Response, is a cloud-based threat hunting and incident response (IR) solution delivering continuous visibility for security operations centers (SOC) and IR teams.

VMware acquired Carbon Black October 2019.

Categories:  Incident Response

VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response) Integrations

Infoblox

VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response) Competitors

Tanium, CrowdStrike Falcon Endpoint Protection, Cybereason Endpoint Detection & Response (EDR)

VMware Carbon Black Cloud Enterprise EDR (formerly Cb Response) Technical Details

Operating Systems: Unspecified
Mobile Application:No
Supported Languages: English