Skip Navigation
Get a Demo
 
 
 
 
 
 
 
 
 
Resources Blog Product updates

Expanded MDR coverage with VMware Carbon Black Cloud Endpoint Standard

Red Canary now incorporates alerts from VMware Carbon Black Cloud Endpoint Standard into our MDR solutions.

Chris Rothe
Originally published . Last modified .

Today we are announcing expanded support for VMware Carbon Black Cloud. Red Canary was Carbon Black’s first technology partner way back in 2014. A lot has changed since then, but one thing has stayed the same: Carbon Black provides great products to build a detection and response capability around.

The trend in endpoint security over the last few years has been the consolidation of capabilities back into a single agent with a cloud-based backend. VMware Carbon Black Cloud (formerly known as CB Defense) provides next generation antivirus, endpoint detection and response (EDR), and remediation tools with only one agent to deploy to endpoints. Up until now, Red Canary focused just on the detection and response side of the house, taking EDR telemetry and doing the broadest possible detection. We are now expanding our scope to include the full VMware Carbon Black Cloud product set.

What does this mean exactly?

  • Red Canary will correlate alerts generated by Endpoint Standard with EDR telemetry.
  • The Red Canary Cyber Incident Response Team (CIRT) will investigate all correlated alerts and create detailed threat timelines for all confirmed threats, including the context needed for remediation.
  • If enabled, Red Canary will update your Endpoint Standard alerts based on the results of our investigations, so that you no longer need to take action within the Endpoint Standard console on any alert that we’ve investigated.
  • Automated playbooks will run to remediate confirmed threats as configured through the Red Canary Portal leveraging Carbon Black’s Live Response capabilities.
  • Your Red Canary incident handler will assist with blocking policy configuration for Endpoint Standard.

We have been delivering this capability in private beta to a number of our customers for several months now and are very excited about the results. CB customers can now leverage one agent, and one ally for managed detection and response. Reach out to us anytime to learn how we can help.

 

Red Canary: At the heart of your security operations

 

Safeguard your identities with Red Canary + CrowdStrike Falcon® Identity Protection

 

Red Canary coverage of Google Cloud Platform enters general availability

 

Teaming with Microsoft Copilot for Security

Subscribe to our blog

 
 
Back to Top