VMware Carbon Black is today announcing new capabilities for macOS systems protected by our cloud-native enterprise endpoint detection and response (EDR) solution, CB ThreatHunter. This latest release on the VMware Carbon Black Cloud further expands customizable detection, threat intelligence, incident response, and threat hunting capabilities to all three major operating systems: Windows, macOS, and Linux.
Security professionals and systems administrators need the ability to hunt for threats and analyze activity across all endpoints in their environment, regardless of operating system. CB ThreatHunter is the enterprise endpoint detection and response (EDR) solution that enables teams to easily hunt for threats over a continuously collected dataset, as well as rapidly respond to incidents from anywhere in the world.
This latest expansion of our enterprise EDR capabilities extends our granular endpoint event collection to the latest macOS environments running versions since 10.10, which includes official support for the most recent 10.15 Catalina release. Unlike other endpoint security solutions, CB ThreatHunter combines continuously collected endpoint data with custom and out-of-the-box threat intelligence to instantly gain greater visibility into Windows, macOS, and Linux systems. CB ThreatHunter also delivers the ability to create custom detection alerts via automated watchlists and seamlessly integrate with other solutions in the security stack.
Today’s security professionals know that reactively collecting data using yesterday’s forensic tools and outdated antivirus products provides very little visibility into the complete context of an incident and often results in too much extra effort. It is impossible to know exactly what you will need to investigate an incident before it happens, but it is possible to minimize your detection and response times by arming your team with complete visibility.
Expanding the comprehensive endpoint visibility provided by the Carbon Black Cloud is crucial to tilting the advantage away from the attackers and back toward the defenders. According to VMware Carbon Black’s November 2019 Global Incident Response Threat Report, 41% of firms surveyed indicated that visibility was the top barrier to responding to incidents quickly and effectively. We know the majority of today’s advanced attacks are leveraging evasive techniques such as lateral movement and island hopping. Visibility into every endpoint in your enterprise, across all major operating systems, not only helps you shut down today’s threats, but also provides all the necessary context to harden your environment against tomorrow’s threats.