Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of VMware Carbon Black EDR, and make your voice heard!
Entry-level set up fee?
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
VMware Carbon Black EDR (formerly Cb Response) is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR records and stores endpoint activity data so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior.
VMware acquired Carbon Black October 2019.
- Helps in tracking network connections made by machine
- Process Tree which show series of workflow which clear and easy to understand.
- Enables to go live into the machine and investigate
- Number of false positive which are triggered due to threat feeds are sometimes more needs to be fine tuned by the client.
- In very rare scenarios processes are not captured properly.
To check for the whether any file is executed on the machine or not.
To check on which port connections are being made by the machine.
To create custom watchlist for alert to be investigated by an analyst.
To check every process executed in the machine for a specified range.
- Process tree view of endpoint activity
- Ability to pull files from host
- Threat Intelligence integration
- Isolate a host
- Needs more defensive abilities