October 05, 2023

VMware Carbon Black Managed Threat Hunting

VMware Carbon Black believes in empowering security teams to close the risk gap they face today. One of the frequent conversations we hear from our customers is the need for additional qualified analysts to help secure their enterprises and environments.

Introduction 

VMware Carbon Black believes in empowering security teams to close the risk gap they face today. One of the frequent conversations we hear from our customers is the need for additional qualified analysts to help secure their enterprises and environments. This is especially true when attempting to set up proactive security programs like threat hunting. Today, a lot of a security analyst’s time is consumed with day-to-day operations and responding to a volume of alerts. Many organizations find it difficult to set up proactive security programs. 

VMware Carbon Black has recently released Managed Threat Hunting (MTH), backed by a team of highly experienced security analysts, that will aid our US (United States) based Enterprise EDR (EEDR) customers in establishing a proactive threat hunting program. Managed Threat Hunting provides Enterprise EDR customers with additional expertise, knowledge, and insight into their environments through the capabilities of the service which is provided by VMware Carbon Black Managed Detection and Response (MDR) analysts. 

This product is only available to US-based Enterprise EDR (EEDR) customers. 

Why is Managed Threat Hunting important? 

VMware Carbon Black Managed Threat Hunting helps understaffed security teams by monitoring and hunting for emerging and prevalent threats in the telemetry provided by VMware Carbon Black Enterprise EDR. A managed threat hunt is when our MDR analysts proactively search for emerging threats in your environment. Upon the hunt's completion, MDR analysts notify the customer via email or communication in-console that will summarize any threats found. To reduce alert fatigue, Carbon Black MDR analysts only escalate threats to the customer’s alert page. 

How often do analysts run threat hunts? 

MDR analysts run threat hunts when they have discovered new or evolving intelligence. This timing can vary from weekly to multiple times per day. As a Carbon Black Managed Threat Hunting (MTH) customer, our analysts can contact you through the alert notes on the Alert ID History and Threat ID History panes and through email notifications. Customers can leverage the Carbon Black MDR analyst team’s expertise through two-way communication built into alert notes. Alerts discovered by a hunt have an MDR Threat Hunt badge and a pane that contains additional details. 

image-20231005230116-1

Upon completion of the threat hunt, Carbon Black MDR analysts will continue to monitor the threat and escalate likely threats to customers. Alerts discovered by ongoing monitoring will have an MDR badge. 

image-20231005230135-2

How VMware Carbon Black Cloud helps Security Teams 

VMware Carbon Black continues to build on its track record of innovation – first as a pioneer in Application Control and Endpoint Detection and Response and now as an industry leader delivering on the promise of Extended Detection and Response. VMware Carbon Black Managed Threat Hunting is the next step in enabling security teams to gain an unprecedented ability to see threats that exist in their environment and act on those threats. One quarter of the Fortune 100 rely on Carbon Black’s technology and expertise, and the company’s global team is dedicated to working with the growing community of forward-thinking security professionals worldwide to solve problems and share solutions to make our digital world more secure.  

Learn More 

For more information contact your VMware Carbon Black sales representative. 

Filter Tags

Carbon Black Cloud Blog

Sowmya Jayakirthi

Read More from the Author

Content Marketing Manager Hello, I'm Sowmya Jayakirthi, a seasoned professional with an impressive 17 year track record in the field of technical writing. With expertise in creating clear and concise documentation, and has effectively communicated complex concepts to diverse audiences. In addition, I bring in a year of experience as a content strategist, leveraging my strategic mindset to develop impactful content strategies. My passion is to deliver high-quality technical content and drive effective content strategies for Carbon Black Tech Zone.

VIEW MORE

Dale McKay

Read More from the Author

Staff Technical Marketing Architect, Security Business Unit, VMware. Dale is a technology evangelist and strategist with deep expertise in security, virtualization, and networking. He has extensive knowledge of a variety of technologies for meeting the strategic and tactical needs of clients. He has strong real-world, hands-on skills in cybersecurity, with his focus being on implementing policies and operating procedures that help his customers address their cybersecurity demands. He is an experienced leader in determining client needs, delivering solutions, and building relationships. Most clients come to view him as a trusted advisor. Some of his key accomplishments over his career • vExpert, vExpert- NSX, vExpert- Security. • Office of the CTO Ambassador (CTOA) - VMware. He holds advanced industry certifications from Amazon Web Services, Microsoft, Cisco, CompTIA, the Cloud Security Alliance, and of course, VMware.

VIEW MORE