Mindflow and VMware Carbon Black have partnered to enable users to automate their incident management and better protect their information systems.
VMware Carbon Black Enterprise EDR is a threat hunting and incident response platform which delivers continuous visibility for security operations centers (SOC) and incident response (IR) teams. Enterprise EDR is provided through the VMware Carbon Black Cloud, a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.
Using data continuously collected and sent to the VMware Carbon Black Cloud, Enterprise EDR can provide immediate access to a complete picture of an attack at all times, reducing investigations to minutes. These capabilities empower your teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers.
Below are the main capabilities of VMware Carbon Black Enterprise EDR:
Endpoint Protection Platform. Built on the VMware Carbon Black Cloud, Enterprise EDR provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR, and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.
Continuous & Centralized Recording. Access to continuously collected data gives security professionals the information they need to hunt threats in real time and conduct in-depth investigations.
Attack Chain Visualization & Search. The platform provides attack chain visualization to let analysts identify the root cause. They can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to strengthen your company’s defenses.
Live Response for Remote Remediation. Incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate.