VMware Carbon Black CB Predictive Security Cloud
Cloud-Native Endpoint Protection Platform (EPP)
The CB Predictive Security Cloud supports a variety of powerful next-generation endpoint security services, all of which are powered by the collective intelligence generated in the PSC. This collective intelligence is generated from data collected across millions of endpoints under management and enriched with threat intelligence from around the world in real-time.
Carbon Black Services
The CB Predictive Security Cloud is an extensible platform that leverages unfiltered data and streaming analytics to power multiple endpoint security services for IT and SecOps.
Next-generation antivirus and EDR
Real-time endpoint query and remediation
Managed threat alert service
Incident response and threat hunting for SOC teams
CB Defense for VMware
Next-generation security for the software-defined datacenter
Threat Hunting + IR for SOC Teams
Application control and critical infrastructure protection
The CB Predictive Security Cloud™ (PSC) platform sits at the heart of Carbon Black’s endpoint security solutions and provides advanced intelligence to all Carbon Black® products through big data analytics across hundreds of billions of endpoint events per day.
The PSC platform continuously captures, records and analyzes rich, unfiltered endpoint data. We believe the depth, breadth and real-time nature of our endpoint data, combined with the strength of our analytics platform, provides customers with the most robust and data-driven solution to address the complete endpoint security lifecycle.
Consolidated Endpoint Security Simplified
Attackers are bypassing traditional endpoint security. In response there has been a proliferation of security products in an attempt to stop them. The result is too much complexity and not enough efficacy. Imagine if instead of having all of these different technologies you could have a single platform that simplifies your security stack and gives you better protection.
The CB Predictive Security Cloud (PSC) is an endpoint protection platform that consolidates security in the cloud, making it easy to prevent, investigate, remediate and hunt for threats. While other endpoint security products only collect a filtered dataset related to what’s “known bad,” the PSC collects all endpoint activity data, because attackers intentionally look normal in order to hide their attacks. This unfiltered data is the unique power of the PSC, delivering:
- Superior Protection: Stop more attacks, take back control over your endpoints, and worry less. The PSC applies predictive modeling to unfiltered data to stay one step of ahead of sophisticated threats.
- Actionable Visibility: Cut down the guesswork and close security gaps fast. The PSC accelerates investigations by giving you a comprehensive picture of endpoint activity and empowers you to respond quickly.
- Simplified Operations: While most endpoint security programs require multiple siloed systems that burden end users and complicate management, the PSC consolidates multiple capabilities in the cloud using a single endpoint agent, console and dataset.
Attackers are bypassing traditional endpoint security.
In response, there has been a proliferation of security products in an attempt to stop them. The result is too much complexity and not enough efficacy. Imagine if you could have a platform that helps simplify your security stack and gives you better protection.
The Best Analytics Provide the Best Security
While other endpoint security products only collect a dataset related to what is “known bad,” the VMware Carbon Black Cloud continuously collects comprehensive endpoint activity data, because attackers intentionally try to “look normal” in order to hide their attacks. It then analyzes attackers’ behavior patterns to detect and stop never-seen-before attacks.
Seeing The Bad Hidden Among The Good
The real-time behavioral analytics at the core of the VMware Carbon Black Cloud are based on event stream processing, the same technology that has transformed many other industries such as high-speed trading and credit card fraud detection. Carbon Black is the first to bring event stream processing to endpoint security.
The VMware Carbon Black Cloud is a cloud-native endpoint protection platform (EPP) that provides what you need to secure your endpoints, using a single lightweight agent and an easy to use console
The VMware Carbon Black Cloud applies behavioral analytics to help you stay one step ahead of known and new threats as they evolve.
- Identify attacks that other endpoint security products might miss, including fileless, ransomware and never-seen-before attacks
- Uncover threats, patterns, and indicators invisible to traditional and ML antivirus, looking upstream to the root cause of attacks to better predict future ones
- Multiply your security staff by 1000s with the Carbon Black community of more than 20,000 security professionals
The VMware Carbon Black Cloud empowers you to accelerate investigations and respond confidently to threats.
- Visualize the attack chain to easily understand attacks and take immediate action from a single console
- See what others can’t see by exposing attacks that otherwise fly under the radar
- Investigate and hunt for attacks using comprehensive endpoint data, because you can’t know bad ahead of time
The VMware Carbon Black Cloud consolidates multiple security capabilities in the cloud using one endpoint agent and console, helping you operate faster and more effectively.
- Consolidate endpoint security in the cloud, reducing multi-vendor management complexity and reducing CapEx
- Deploy multiple security services without compromising endpoint performance leveraging a single, shared platform agent
- Expand security capabilities over time, seamlessly adding new capabilities without new infrastructure or deployment costs
What Makes the PSC Unique?
Features and Benefits:
- Reduced cost and complexity of security stack
- Decreased risk of breach
- Clear insight into root cause of attack
- Quickly respond to security incidents
- Automated remediation and threat containment
- Seamless integration with other security solutions
- Increased security operations efficiency
- Greater ability to meet compliance requirements
- Consolidated prevention, investigation, remediation, and hunting
- Predictive, real-time threat intelligence based on big data analytics
- Unfiltered endpoint data from millions of endpoints worldwide
- Real-time query and remediation
- Rapid deployment of new security features and algorithms
- Simplified processes between Security and IT Operations
- Easy to deploy, configure, and use at enterprise scale
- Open APIs to extend workflows and leverage high value data
- Out-of-the-box integrations with your security stack
Cloud-Native Security Advantage:
In today’s mobile world, endpoints are the new perimeter—and every endpoint is a possible entry point. Carbon Black prevents more threats, gives you actionable insights, and helps you operate faster and more effectively.
Endpoint Protection Platform (EPP)
The VMware Carbon Black Cloud consolidates security and provides you with what you need to secure your endpoints, using a single lightweight agent.
- Stop more attacks, take back control over your endpoints, and worry less
- Cut down the guesswork and close security gaps fast
- Minimize multi-vendor complexity and agent fatigue
The combined efforts of the VMware Carbon Black Cloud, from its automated prevention to its complete visibility and proactive threat hunting capabilities, are used through a single, cloud-based console.
- Remove the complexity of monitoring and replicating policies across disparate, siloed point solutions
- Streamline your efforts to impede and shut down active threats in a single view
- Act confidently with a modern, easy to use interface that grows with the needs and sophistication of your security and IT teams
This single, lightweight endpoint agent collects unfiltered data that supports the full set of endpoint protection services offered on the VMware Carbon Black Cloud platform.
- Increase endpoint performance with a single source of data collection and threat prevention
- Reduce complexity by collapsing management and deployment of multiple point solutions to a single platform
- Add on additional services as needed without the need to test and roll out new endpoint software
Through the collection of unfiltered endpoint data, the VMware Carbon Black Cloud single dataset forms the foundation on which its streaming analytics can detect, decipher and model threat behavior to power its security services.
- Get a clear picture of endpoint activities and behavior from a single source
- Remove the need to collate and correlate multiple data sources
The VMware Carbon Black Cloud uses its foundation of unfiltered data and streaming analytics to power a host of specialized endpoint security services that support the prevention, detection, proactive hunting and remediation of active threats.
- Increase the efficacy of your endpoint security program by combining multiple services to identify and prevent known and unknown attacks
- Enable SecOps teams to investigate, remediate and hunt for emerging threats
- Rapidly deploy new services without the need to roll out additional endpoint agents and supporting infrastructure
Unlike other endpoint security platforms that collect data related to known malicious software and attack techniques, the VMware Carbon Black Cloud collects a complete dataset of endpoint activities and behaviors to analyze and uncover all types of attacks.
- Paves the way to improved, automated prevention of advanced attacks and increased visibility into malicious and suspicious activities
- Discovers new and innovative attacks by collecting all types of data, even that of known, trusted applications and processes
- Empowers threat hunters and SOC teams to investigate incidents completely and get ahead of major breaches
The VMware Carbon Black Cloud applies streaming analytics, its core analytics engine built upon event-stream processing technology, to its unfiltered dataset to model threat behavior and discover new trends and emerging attack patterns.
- Leverages the same technology that transformed high frequency trading and credit card fraud detection
- Focuses on a stream of events, rather than single points in time, to assess risk and understand malicious intent
- Drives the advanced automatic prevention capabilities that stop new, emerging and fileless attacks
The VMware Carbon Black Cloud is architected upon a robust API framework that makes it easy to integrate and extend, enabling users to create new workflows that support and enhance their security programs and operational processes.
- Export any piece of data collected from the endpoint at line speeds for use with customer-specific integrations and custom processing
- Orchestrate custom workflows that trigger certain actions based on predetermined events
- Feed unfiltered endpoint data into your security stack to enhance their capabilities
- Consolidate multiple endpoint agents into a single agent
- Reduce complexity and simplify operations
- Replace or augment legacy antivirus and EDR
- Prevent malware and fileless attacks
- Investigate threats and close security gaps
- Manage assets and improve IT hygiene
- Hunt down and remediate threats
- Lock down critical systems and applications
- Protect fixed-function devices
- Secure virtual datacenters
Download the VMware Carbon Black CB Predictive Security Cloud (PSC) Datasheet (.PDF)