What is Carbon Black predictive security cloud?

Antivirus (AV) has been accepted as part of any strong cybersecurity regimen since the early days of endpoint computing. But if your organization has taken a set-it-and-forget-it approach to AV, you could be at much greater risk of malware infection than you realize. The industry-leading CB Defense from Carbon Black replaces legacy AV solutions with next-generation antivirus (NGAV) and endpoint detection and response (EDR) functionality.

Next-Generation Antivirus (NGAV)

Traditional AV protection relies on unique file signatures, essentially just comparing each executable, attachment and web download to a list of known malware. Attackers have found that they can easily sidestep this type of solution by obfuscating their malicious code or by deploying fileless malware via Windows PowerShell or VBScript embedded in Office documents. These approaches either produce a new signature that the antivirus protection does not recognize as malicious, or avoid antivirus scanning entirely by residing only in the endpoint's runtime memory (RAM) and never touching disk.

CB Defense not only scans the files and executables on an endpoint, but also monitors for suspicious behavior such as commands and scripts commonly used to launch an attack. By leveraging the CB Predictive Security Cloud, CB Defense can detect not only the same known attacks as traditional AV, but also unknown attacks that bypass signature-based filters.

Endpoint Detection and Response (EDR)

Visibility into the events occurring on endpoint devices has historically been achieved via a combination of desktop-based agents and network-level monitoring. This approach can leave unseen gaps in coverage that allow attackers to penetrate an internal network undetected. Further, network-based monitoring tools offer no insight into or control over endpoints residing outside of the organizational network, such as [list common endpoints here]. These vulnerable endpoints are a growing blind spot for companies with a mobile workforce.

CB Defense offers unprecedented insight into activity occurring on endpoint devices. Managed from a single, cloud-based console, CB Defense requires no on-premises infrastructure and gathers event data from endpoints even outside of the traditional local area network (LAN). With the ability to see and respond to suspicious activity wherever it happens, security and IT operations teams can remediate potential security issues more quickly than ever before.


VMware Carbon Black Cloud is a Software as a Service (SaaS) solution that provides next-generation anti-virus (NGAV), endpoint detection and response (EDR), advanced threat hunting, and vulnerability management within a single console using a single sensor.

Affected Products:

  • VMware Carbon Black Cloud Prevention
  • VMware Carbon Black Cloud Endpoint Standard
  • VMware Carbon Black Cloud Endpoint Advanced
  • VMware Carbon Black Cloud Endpoint Enterprise

Affected Operating Systems:

  • Windows
  • Mac
  • Linux

VMware Carbon Black Cloud (formerly Predictive Security Cloud) hosts various modules that allow an administrator to manage endpoints with the VMware Carbon Black Cloud Endpoint sensor.

  • VMware Carbon Black Cloud Prevention [1]
    • Provides administrators with a leading NGAV solution with a streamlined user interface to allow for direct analysis of threats within the environment.
  • VMware Carbon Black Cloud Endpoint (formerly Carbon Black Defense)
    • Included with the VMware Carbon Black Cloud Standard, VMware Carbon Black Cloud Advanced, and VMware Carbon Black Cloud Enterprise offerings.
    • Allows for the configuration and manipulation of NGAV protection and behavioral EDR on endpoints running the VMware Carbon Black Cloud Endpoint Sensor.
  • VMware Carbon Black Cloud Audit & Remediation (formerly Carbon Black LiveOps) [2]
    • VMware Carbon Black Cloud Advanced and VMware Carbon Black Cloud Enterprise include this offering on top of the NGAV provided in VMware Carbon Black Cloud Standard.
    • Enables the Live Query UI elements and allows for vulnerability management and remediation of devices through scheduled or on-demand queries of all devices in the environment, followed by the ability to use a remote shell to resolve any issues found.
  • VMware Carbon Black Cloud Enterprise EDR (formerly Carbon Black Threat Hunter) [2]
    • VMware Carbon Black Cloud Enterprise adds this offering to the Audit & Remediation and NGAV in VMware Carbon Black Cloud Advanced.
    • Allows for advanced and unfiltered data through the Investigate UI element. This enables the administrator to have a limitless view of endpoints managed by the VMware Carbon Black Cloud Endpoint Sensor.

[1] VMware Carbon Black Cloud Prevention can be upgraded to VMware Carbon Black Cloud Endpoint Standard. However, it cannot be downgraded back to VMware Carbon Black Cloud Prevention. Additional add-on SKUs cannot be used with VMware Carbon Black Cloud Prevention.
[2] VMware Carbon Black Cloud Audit & Remediation and VMware Carbon Black Cloud Enterprise EDR can be purchased separately. Either may also be added individually to an existing VMware Carbon Black Cloud environment, unless that instance is VMware Carbon Black Cloud Prevention.

What features do each VMware Carbon Black Cloud bundle provide?

| Feature | VMware Carbon Black Cloud Prevention | VMware Carbon Black Cloud Standard | VMware Carbon Black Cloud Advanced | VMware Carbon Black Cloud Enterprise |
| --- | --- | --- | --- | --- |
| Anti-virus and Malware | X | X | X | X |
| EDR |  | X | X | X |
| Alerts |  | X | X | X |
| Quarantine |  | X | X | X |
| Remote Console |  | X | X | X |
| Test Rule before pushing out |  | X | X | X |
| Tunable Prevention | Limited Functionality | X | X | X |
| Third-party Threat Intel |  |  |  | X |
| Custom Alerting |  |  |  | X |
| API Integration |  | X | X | X |
| Query Language |  | X | X | X |
| Anti-virus Signature Initial Full Scan |  | X | X | X |
| Anti-virus Signature Scheduled Scan |  |  |  |  |
| Anti-virus Signature Scan on download |  | X | X | X |
| Investigate IP Address Search |  | X | X | X |
| Investigate User Search |  | X | X | X |
| Investigate Hash Search |  | X | X | X |
| USB Device Control |  | X | X | X |
| Full Data Retention (Days) | 0 | 30 | 30 | 30 |
| Incident Data Retention (Days) | 180 | 180 | 180 | 180 |
| Query operating system for information |  |  | X | X |
| Log of files modified |  |  |  |  |
| Sandbox |  | X | X | X |
| Controlled Release of new versions |  | X | X | X |

Note: Values that are listed are for base service offerings only.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
