Carbon Black Cb Response: EDR Product Overview and Insight

Company description: Carbon Black was founded by former members of the U.S. government’s team of offensive security hackers. Trained by the NSA and CIA, its founders developed tools and techniques for endpoint security to protect against cyberattacks. It has been delivering cybersecurity products and solutions for more than 12 years. Its more than 3,000 customers have deployed 9+ million licenses.

Product description: Cb Response is built for security operations centers and incident response teams. It performs unfiltered data collection and is said to capture more information about endpoint events than any other tool. It is particularly strong in its visibility into active threat hunting and real-time response to ongoing threats. Data gathering, query and analysis capabilities benefit from continuous monitoring of operating system status, network status, system information and binary information. The Cb Collective Defense Cloud provides threat intelligence, reputation and classification capabilities by consolidating natively developed research and third-party OEMs. APIs allow security teams to tie together all defenses.

Markets and use cases: Carbon Black CTO and Co-founder Michael Viscuso said the solution spans all traditional vertical market definitions and organizational sizes. It plays strongly in markets with the highest risk from cyberattack.

Agents: Agents run on all the monitored machines. Cb Response supports agents for Windows, Mac, and Linux environments. They can be installed using a standalone exe or with a third-party software distribution tool such as Microsoft SCCM or Landesk.

Applicable metrics: Up to 150,000 endpoints per cluster and unlimited clusters. One server sensor collects 1.6 GB per day.

Security qualifications: AICPA SSAE No 16 SOC 2

Intelligence: The Cb Collective Defense Cloud analytics engine crunches big data related to attacks, threats, behaviors and change, with the purpose of identifying malicious activity.

Delivery: Cb Response is software-based, available on premises or in the cloud. Agents are installed on Mac, Windows and Linux endpoints, on either dedicated hardware or VMs. The Collective Defense Cloud is hosted by Carbon Black in its own cloud. Cb Response is also available as a service from Carbon Black certified MSSPs.

Pricing: Cb Response uses a tiered yearly subscription pricing model. Starting price is $30 per endpoint for a 1-year subscription.

Drew Robb
Drew Robb has been a full-time professional writer and editor for more than twenty years. He currently works freelance for a number of IT publications, including ServerWatch and CIO Insight. He is also the editor-in-chief of an international engineering magazine.
