CB ThreatHunter (Carbon Black)

Additional Info

CompanyCarbon Black
Websitehttps://www.carbonblack.com/
Company size (employees)1,000 to 4,999
Type of solutionCloud/SaaS

Overview

According to the Forrester’s Josh Zelonis, Carbon Black helped define [the EDR] space with its CB Response product by focusing on increasing the cost to an attacker while reducing dwell time.”

With its latest EDR innovation, Carbon Black has introduced the next generation of threat hunting and incident response (IR) on the CB Predictive Security Cloud (PSC) with the release of CB ThreatHunter. CB ThreatHunter takes all the capabilities of CB Response, enabling customers to prevent, detect, respond to, predict and now, hunt threats from a single cloud platform. CB ThreatHunter delivers best-of-breed threat hunting and IR functionality from the same agent and console as Carbon Black’s next-generation antivirus, EDR and real-time query solutions, allowing teams to consolidate multiple point products with one converged cloud platform.

Carbon Black’s sophisticated detection combines custom and cloud-delivered threat intel, automated watchlists, and integrations with the rest of a security stack to efficiently scale a hunt across the enterprise, by giving the power to respond and remediate rapidly, stopping active attacks and repairing damage quickly.

CB ThreatHunter automates the enterprise-wide activity collection process, continuously recording all endpoint activity, much like an always-on surveillance camera. The result is unfiltered endpoint visibility that retains the recorded relationships of every file execution, file modification, registry modification, network connection and executed binary in an environment. Organizations can efficiently classify threats to accelerate their threat hunt.

CB ThreatHunter offers powerful and comprehensive threat hunting and IR from the cloud. It enables security operations centers (SOCs) and IR teams to quickly and accurately hunt for anomalies. CB ThreatHunter continuously records and centrally stores all unfiltered threat activity enabling security teams to hunt for threats in real time.

How we are different

Technology Innovation - The platform empowers customers to predict, prevent, detect, respond to and remediate cyberattacks before they cause a damaging incident or data breach. As a result, Carbon Black has added MITRE ATT&CK threat intelligence feeds to CB Response and CB ThreatHunter to deliver new behavior-based threat intelligence to customers. This combines the power of Carbon Black’s unfiltered endpoint data collection and a robust collection of adversary techniques to simplify threat detection and threat hunting. The new threat feeds map directly to the various attack tactics outlined by MITRE.


Open & Extensible Platform - Carbon Black enables third-party developers to leverage the company’s unfiltered data at every level, from the endpoint to the cloud, resulting in better and more customized cybersecurity. The best cybersecurity requires the best data.


Education - Carbon Black’s entire team, from executives, to researchers, to engineers, to interns, have cybersecurity in their DNA. They care immensely about making the world safe from attacks. As a result, Carbon Black looks to educate the market on how to solve problems in cybersecurity. They do this through blogging, conference talks, webinars, major trade shows, media interviews, one-on-one conversations, and more. Yes, at the end of the day, Carbon Black is selling a product but it hires those people who believe in the company’s vision above all else.