Anybody tried Carbon Black?

Discussion in 'other anti-malware software' started by boredog, May 22, 2016.

  1. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,180
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  3. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    977
    Location:
    Paris
    Yeah- it detects and isolates endpoints when it finds something that is amiss and provides ample logs for remediation. Definitely an Enterprise solution (although for a great many endpoints the logs tend to be voluminous). A fun Fact- they use VT (not exclusively- but as a setting within it to speed things up) and don't have a scanner to include on Virus Total. So that option may be going bye-bye.
     
    Last edited: May 22, 2016
  4. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,180
    Still sounds cool
     
  5. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    221
    I have used Bit9 tech (TAT/Lookup) and they were always pretty solid.

    The new post-merger product is much stronger and, as suggested, quite pricey, solely aimed at enterprise sales.

    They have one of the strongest reputation services backing application controls. Along with heavy partnerships and integration, it really gains value. These partners also help feed their threat intelligence. It's essentially a whitelist app-control base on steroids supported by remediation/viz that correlates where files went and did. Without a good admin, other products, and siem/etc rules to make sense of these feeds, the product starts to lose value; hence, it's a heavily commercial oriented product.

    @Virustotal: VT once had CBlack integration in the "additional info" tab, so CB has assets to offer. But honestly granted the data gathered from elsewhere--they don't really need it.
     
Loading...