Cb Response

Additional Info

Company (that provides the nominated product / solution / service): Carbon Black
Company size (employees): 700
Type of solution: Software

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

- Cb Response provides real-time threat response & remediation – cutting average IR time to less than 15 minutes

- Cb Response offers complete endpoint visibility by recording 100% of activity to speed IR & enable proactive threat hunting

- Cb Response offers unlimited data retention and scale, designed to fit even the largest installations and to meet compliance and dwell time requirements

Brief Overview

Cb Response is purpose-built for the enterprise SOC and IR teams. Offering a streamlined UI that’s built for speed, unlimited historical data retention and unlimited scaling to fit even the largest enterprises, this market-leading IR and threat hunting tool empowers the SOC with:

Complete Visibility with Continuous Centralized Recording

– Capture all threat activity with 100% continuous recording.

– Centralized storage means the data you need is always at your fingertips.

– Visualize the complete attack kill chain so you always find the root cause and see lateral movements to accelerate investigations.

– Unlimited data retention for full historical review of any attack – no matter how long the dwell time.

Real Time Response

– Reduces average IR time from 78 hours to less than 15 minutes per incident.

– Stops attacks in progress by isolating infected systems, terminating processes and banning hashes across an enterprise.

– “Live Response” enables complete & remote remediation of infected systems. Take any action, such as collecting advanced forensic data or running custom scripts, from any location.

– Use knowledge of root cause to close gaps and prevent future attacks.

Proactive Threat Hunting

– Stop the headline breach and detect advanced attacks faster.

– Proactively discover the most advanced threats that make it past your defenses.

– Leverage open APIs to integrate with the rest of your security stack for advanced attack correlation.

Proven at Scale

– Requires minimal resources and infrastructure investment – 99% of all enterprises can deploy in a single server cluster.

– Turnkey integrations and open APIs ensure a seamless fit in even the most complex environments.

– Enables prioritized patch management through tight integration with IBM BigFix.