VMware Carbon Black

REAL-TIME DEVICE ASSESSMENT AND REMEDIATION

Security operations solution that provides system audit and remote response capabilities for endpoints and workloads from a cloud-native endpoint protection platform (EPP).

 

Inspect Endpoints

Security and IT Operations teams often have no reliable way to audit current system state at scale across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance.

  • Easily access artifacts directly from all endpoints and workloads on demand.

  • Gain visibility into precise details about current state of all devices – on and off the network.

  • Make quick, confident decisions to improve IT hygiene and harden systems against attacks.

 

Respond Immediately

Audit and Remediation helps close the gap between the security and infrastructure teams, allowing administrators to perform comprehensive investigations and remote remediations all from a single cloud-based platform.

 

 

  • Create a remote, secure shell to any device to apply patches or configuration updates.

  • Collect and store detailed forensic data for post-incident investigation.

  • Run scripts for full remediation in minutes.

Track & Report On Drift

Security teams are often forced to play catch up during emergency situations because there is limited time to perform in-depth audits and evaluate potential risks. Audit and Remediation allows administrators to automate ongoing reporting on patch levels, user privileges, disk encryption status, and more in order to track configuration drift and maintain the desired state of their ever-changing environment over time.

  • Schedule queries to run on a daily, weekly, or monthly basis.

  • Target all devices or specific groups of endpoints, servers, virtual machines, or containers.

  • Sort, filter, and export query results for improved visibility into business-critical assets.

 

Leverage a Single Platform

Audit and Remediation is built on the VMware Carbon Black Cloud, the only cloud-native endpoint protection platform that combines on-demand query functionality with advanced prevention, detection, and response.

  • Comprehensive endpoint protection delivered via one sensor and one console.

  • Stops known and unknown threats through big data analytics.

  • Allows seamless unification with the rest of the security stack.