Carbon Black Solutions

Maximize the value of your Carbon Black investment

Red Canary partners with Carbon Black to deliver superior endpoint detection and response to organizations of all sizes. Our team has managed hundreds of CB instances for years and we know the technology inside out. Take advantage of 24×7 advanced threat defense in minutes, with minimal overhead.

CB RESPONSE AND RED CANARY

Advantages
  • Full EDR for Windows, Linux, Mac
  • Multiple deployment options
  • Broadest remediation capabilities
Operational Considerations
  • Potential for high infrastructure overhead
  • Limited long-term data retention
  • Separate agent required for NGAV
Red Canary Value
  • Full range of 24×7 services, from hosting to managed detection and response
  • Support for any deployment architecture
  • Long-term data retention
  • Automated Live Response actions
  • Open APIs to 3rd-party solutions

CB THREATHUNTER AND RED CANARY

Advantages
  • Cloud-based infrastructure
  • Single agent for EDR and NGAV
Operational Considerations
  • Linux and Mac support still under development
  • Fewer automated remediation actions
  • Separate data store from CB Response
Red Canary Value
  • 24×7 detection and response from day one
  • Support for hybrid ThreatHunter/CB Response deployments
  • Consolidated with CB Response historical forensic data
  • Automated Live Response actions
  • Open APIs to 3rd-party solutions

High fidelity telemetry

We help you deploy, configure, and manage Carbon Black’s industry-leading endpoint sensors to collect, process, and retain high fidelity telemetry data.

Advanced threat detection

Once collected, we continuously analyze all telemetry to accurately identify and alert on malicious behavior and attacks throughout the threat lifecycle.

24/7 threat confirmation

The Red Canary Cyber Incident Response Team (CIRT) investigates every potential threat. When a threat is confirmed, the CIRT quickly assembles all relevant details about the attack so you can accurately remediate.

Incident response automation

You can quickly respond to confirmed threats via your own processes, ad hoc automated actions directly within the incident report, or fully automated remediation playbooks.

Implementing CB ThreatHunter

Security teams are increasingly adopting cloud-based solutions to simplify and streamline operations. That’s why Carbon Black ThreatHunter is an attractive option for organizations looking to migrate their threat protection to the cloud. But there are several operational considerations that may impact how and when you migrate an existing CB Response instance to ThreatHunter.

Red Canary can help you throughout planning, implementation, and ongoing operations to make your transition to ThreatHunter effective and efficient.

Consistent coverage

A common fear in migrating endpoint solutions is a drop in protection due to lack of feature parity. At some point during the migration there will be different sensors on different endpoints. Red Canary gives you peace of mind throughout the transition by monitoring all endpoints regardless of OS, endpoint type, or sensor deployed, with the same 24/7 expert detection and response.

Consolidated data retention

Maintaining data continuity is critical for many reasons, including historical forensics, compliance, and internal auditing. Red Canary consolidates all your endpoint telemetry, giving you access to both CB Response and ThreatHunter raw and normalized data in a single, centralized location. We make sure you won’t have to worry about split databases, lost data, or a lack of consistent historical context.

Cross-platform continuity

Another potential delay in your migration plan is the current lack of operating system support parity between CB Response and ThreatHunter. With Red Canary, you can migrate your Windows devices to ThreatHunter and keep your Linux and Mac devices on CB Response, without worrying about splitting resources between two deployments.

We’ll collect, aggregate, and analyze data from both, seamlessly delivering 24×7 threat detection and response throughout the transition, no matter how long it takes.

Migration that works for you

Migrating to new solutions includes considerations and dependencies unique to each organization. No matter what your timeline, Red Canary can help you safely and effectively migrate to ThreatHunter at your own speed. We’ll deliver security operations continuity throughout the entire process, minimizing service outages and ensuring that you have full access to all your relevant threat data at all times.


Deep expertise rooted in shared lineage

Red Canary and Carbon Black were both innovations started inside Kyrus Tech, a boutique cybersecurity defense contractor. Red Canary’s founders started working with Carbon Black on Day 1 to deliver expert incident response services. When the founding team realized CB Response collected all the necessary data for proactive threat detection and response, the idea for Red Canary was born. Red Canary began offering a custom-built detection and response solution to arm organizations of all sizes with the industry’s most advanced CB Response operation.

CB's Co-Founder on Red Canary