VMware Carbon Black EDR

About VMware Carbon Black

VMware Carbon Black is the technology that lets you protect your work on any device and virtual server. It is a cloud-native platform that provides advanced protection and prevents sophisticated attacks through a lightweight agent and simple console.

By analyzing more than 1 trillion incidents per day, Carbon Black proactively detects attacker behavior and enables you to detect and stop an attack early.

How does VMware Carbon Black work?

The solution relies on predictive analytics, which is performed in the cloud or on-premise. Through agents, the platform is able to retrieve and analyse a wide range of unfiltered data from each connected device or virtual server. Carbon Black leverages the vast knowledge base it works with to create a clear view of the threat landscape. This enables a proactive and real-time response to a potential threat at its outset.

Benefits of the solution

• Effective and advanced protection of devices and systems against known
  and unknown attacks
• 100% protection against ransomware attacks so far
• Real-time vulnerability assessment
• Little overhead, no deeper system scans
• Reducing the complexity of security tools
• Real-time attack visualization
• Removing the barrier between security analysis and IT operations
• Simple console
• Deployment to endpoint devices and virtual servers

What does VMware Carbon Black consist of?

• Antivirus (Next-generation Antivirus)
• Endpoint Detection
  & Response (EDR)
• Audit & Remediation system
• Managed Detection

Why use VMware Carbon Black?

As the number of attacks increases, their sophistication grows. It is natural that with the development in the field of attacks there is a dramatic development in the field of defence. Most users still rely on the classic methods of antivirus tools that responded to specific and known attack patterns. In other words, what was known, the antivirus picked up. However, this is a false sense of security; when your business is under attack by a targeted, tailored attack, this method of defense doesn't stand a chance. Defenses must react dynamically, distinguish what is legitimate and what is no longer, analyze the data and learn from it.

VMWare Carbon Black offers an advanced way to defend against future attacks. It takes full advantage of the capabilities of the modern cloud, including artificial intelligence, machine learning and data analytics.

Gone are the days of installing demanding tools on endpoints, which often caused operational complications due to their demanding nature on hardware resources or the complexity of intervention in the operating system itself.

Carbon Black works the other way around. The end station itself runs only a lightweight client and all the logic runs in the cloud, where the analysis of individual processes takes place. Thanks to the huge amount of data that Carbon Black analyses, it is able to respond to unknown and emerging attack methods.

The use of machine learning means that the tool itself can analyse what is normal behaviour in your environment and what is not. Central management allows you to not only evaluate actions that the platform assesses as risky, set various specific exceptions, but also analyze in detail potential risks and incidents in real time.

How to start?

At ITS, we have many years of experience with the VMWare portfolio of tools and Carbon Black is another component that complements the end-user focused Workspace One toolset. We are always ready to discuss the benefits of Carbon Black with you, offer a live demonstration in our environment or yours, and help with the actual implementation.