Leveraging its threat analysis team's expertise and broad visibility, VMware's Carbon Black is rolling out a new service that helps organizations respond and contain cybersecurity threats or breaches.
The new Carbon Black Cloud Managed Detection and Response (MDR) for endpoints and workloads is supported by analysts with decades of experience. They monitor and analyze data for customers in the VMware Carbon Black Cloud using advanced machine learning and algorithmic toolsets.
The threat analysis team "has not only expertise derived over many years but also the ability to watch the threat landscape over a broad spectrum," Kal De, VP and GM of VMware's Security Business Unit, said to ZDNet. "We have approximately a million endpoints under active monitoring at any given point in time... versus an individual [at a customer organization] -- their visibility is limited to what's happening in their particular environment."
The new offering builds on the managed detection capabilities Carbon Black has offered since 2017. Now, if there's an incident, analysts can proactively reach out to the affected customer and initiate a two-way conversation. They'll respond to questions regarding alerts and offer recommendations for policy changes customers can take to remediate the threat. Analysts can maintain visibility on a compromised endpoint even after isolating and securing it, and they'll continue communications until the threat is contained.
MDR analysts provide around-the-clock monitoring, which Carbon Black says will help reduce security staffing pressures.
"What we're trying to do is combine machine intelligence with expert eyes that can offer a much higher degree of accuracy in responding to the signal quickly and effectively," De said. Compared to competing for security products, he said Carbon Black offers a "much more unified boots on ground, human response."