VMware Carbon Black Cloud

VMware Carbon Black Cloud is a cloud native endpoint and workload protection platform (EPP and CWP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweight agent and an easy-to-use console. By analyzing more than 1 trillion security events per day, VMware Carbon Black Cloud proactively uncovers attackers’ behavior patterns and empowers defenders to detect and stop emerging attacks. As a key means to realizing intrinsic security, VMware Carbon Black Cloud simplifies and strengthens your approach to security across any app, any cloud, and any device. Adaptive Prevention Delivers Better Protection The majority of today’s cyberattacks feature advanced tactics such as lateral movement and island hopping that target legitimate tools to inflict damage. These sophisticated hacking methods pose a tremendous risk to targets with decentralized systems protecting high-value assets, including money, intellectual property and state secrets. VMware Carbon Black CloudTM thwarts attacks by making it easier to:

• Analyze billions of system events to understand what is normal in your environment

• Prevent attackers from abusing legitimate tools

• Automate your investigation workflow to respond efficiently

All of this is unified into one console and one agent, so that infrastructure and InfoSec teams have a single, shared source of truth to improve security together. One Platform for Your Endpoint Security Needs VMware Carbon Black Cloud consolidates multiple endpoint security capabilities using one agent and console, helping you operate faster and more effectively. As part of VMware’s intrinsic security approach, VMware Carbon Black Cloud spans the system hardening and threat prevention workflow to accelerate responses and defend against a variety of threats. Endpoint standard – next-generation antivirus and behavioral EDR Analyze attacker behavior patterns over time to detect and stop never-seen-before attacks, whether they are malware, fileless or living-off-the-land attacks. Managed detection – managed alert monitoring and triage
Gain 24-hour visibility from our security operations center of expert analysts, who provide validation, context into root cause and automated monthly executive reporting. Audit and remediation – real-time device assessment and remediation Easily audit the current system state to track and harden the security posture of all your protected devices. Enterprise EDR – threat hunting and containment Proactively hunt for abnormal activity using threat intelligence and customizable detections.