Next-Gen Protection for the Endpoint: SANS Review of Carbon Black Cb Defense
by Jerry Shenk
In today’s threat landscape, organizations wanting to shore up their defenses need endpoint tools that not only detect, alert and prevent malware and malware-less attacks, but also provide defenders a road map of the systems and pathways attackers took advantage of. Our review shows that Carbon Black’s Cb Defense does all this and more with a high degree of intelligence and analytics. Utilizing a cloud-based delivery system, it makes informed decisions on subtle user and system behaviors that we wouldn’t otherwise see with traditional antivirus tools. Importantly, it saved us time: Manual correlation and false positives are among the top 10 time-consuming tasks IT professionals hate, according to a recent article in Dark Reading.2 Rather than toggling between separate security systems, traffic logs and so on, we used a single cloud interface (through drill-down and pivot) to determine whether a threat was a false positive or real.