VMware Carbon Black Managed Threat Hunting
VMware Carbon Black believes in empowering security teams to close the risk gap they face today. One of the frequent conversations we hear from our customers is the need for additional qualified analysts to help secure their enterprises and environments. This is especially true when attempting to set up proactive security programs like threat hunting. Today, a lot of a security analyst’s time is consumed with day-to-day operations and responding to a volume of alerts. Many organizations find it difficult to set up proactive security programs.
VMware Carbon Black has recently released Managed Threat Hunting (MTH), backed by a team of highly experienced security analysts, that will aid our US (United States) based Enterprise EDR (EEDR) customers in establishing a proactive threat hunting program. Managed Threat Hunting provides Enterprise EDR customers with additional expertise, knowledge, and insight into their environments through the capabilities of the service which is provided by VMware Carbon Black Managed Detection and Response (MDR) analysts.
This product is only available to US-based Enterprise EDR (EEDR) customers.
Why is Managed Threat Hunting important?
VMware Carbon Black Managed Threat Hunting helps understaffed security teams by monitoring and hunting for emerging and prevalent threats in the telemetry provided by VMware Carbon Black Enterprise EDR. A managed threat hunt is when our MDR analysts proactively search for emerging threats in your environment. Upon the hunt's completion, MDR analysts notify the customer via email or communication in-console that will summarize any threats found. To reduce alert fatigue, Carbon Black MDR analysts only escalate threats to the customer’s alert page.
How often do analysts run threat hunts?
MDR analysts run threat hunts when they have discovered new or evolving intelligence. This timing can vary from weekly to multiple times per day. As a Carbon Black Managed Threat Hunting (MTH) customer, our analysts can contact you through the alert notes on the Alert ID History and Threat ID History panes and through email notifications. Customers can leverage the Carbon Black MDR analyst team’s expertise through two-way communication built into alert notes. Alerts discovered by a hunt have an MDR Threat Hunt badge and a pane that contains additional details.
Upon completion of the threat hunt, Carbon Black MDR analysts will continue to monitor the threat and escalate likely threats to customers. Alerts discovered by ongoing monitoring will have an MDR badge.
How VMware Carbon Black Cloud helps Security Teams
VMware Carbon Black continues to build on its track record of innovation – first as a pioneer in Application Control and Endpoint Detection and Response and now as an industry leader delivering on the promise of Extended Detection and Response. VMware Carbon Black Managed Threat Hunting is the next step in enabling security teams to gain an unprecedented ability to see threats that exist in their environment and act on those threats. One quarter of the Fortune 100 rely on Carbon Black’s technology and expertise, and the company’s global team is dedicated to working with the growing community of forward-thinking security professionals worldwide to solve problems and share solutions to make our digital world more secure.
For more information contact your VMware Carbon Black sales representative.