
VMware’s Carbon Black analysts assist security teams in identifying threats and responding to them promptly. This capability comes courtesy of the new Managed Detection and Response solution.

VMware is expanding its endpoint security business to accommodate cloud-based managed detection and response (MDR) solutions, in the form of its Carbon Black Cloud Managed Detection and Response features.

Background of the problem

As the number of cybersecurity attacks and threats increases daily, security operations center (SOC) teams are required to update their methods and techniques to counter these attacks. Rather than understanding the threats to their environments, SOC analysts spend their time discovering and validating alerts.

To counter this problem, VMware Carbon Black Cloud MDR was created. The system automatically observes endpoints to ensure continuous monitoring and alert triage. Carbon Black also provides threat analysts with guidance on how to manage the problems.

What does VMware’s Carbon Black do?

VMware’s Carbon Black introduces a novel feature to enable businesses to respond to and contain cybersecurity threats and breaches quickly. The Carbon Black Cloud MDR for endpoints and workloads is designed to observe and skim through data for customers using the VMware Carbon Black Cloud.

According to the threat team's analysis, the Carbon Black Cloud Managed Detection and Response (MDR) is built on experience and technical knowledge accumulated over several years. This further enables the system to examine threats across a wider spectrum.

The Carbon Black Cloud Managed Detection and Response program is an extension of the Carbon Black offerings released in 2017. With this upgraded system, security teams can proactively contact the cyberattack victim to discuss the alerts. As a result, security recommendations and information on policy changes can be offered promptly to circumvent threats.

MDR can also reduce security staffing pressures by offering continuous automated monitoring. The program also allows analysts to watch the victimized endpoint, even after it has been secured and isolated. This enables security analysts to continue observations until the threat is controlled.

The main objective of MDR is to combine machine learning with in-depth monitoring to ensure quick and accurate responses to external threats. The system provides a unified response to threat management.