I use the solution for any endpoint in a system, such as a host. The EDR can detect any malicious activity, such as malware, anomalous behavior, or any other possibility of a threat.

Firstly, we use it as part of our Zero Trust networking solution as it acts as a mitigating response for any vulnerabilities with applications or the operating system. Secondly, we use it to track device compliance to check whether things are updated because it collects so much information about devices. Most importantly, we use it for peace of mind knowing that we have a flexible and robust solution for endpoint security.

I use VMware Carbon Black Cloud for endpoint protection, serving as a defense against malware and viruses on client devices.

I use the solution to do back-end architecture and management for a response. 

We use VMware Carbon Black Cloud for endpoint detection and response.

Our primary usage for this solution is as an endpoint response. We use Carbon Black as a threat line of defense for the endpoints.

Our primary use case is to detect any abnormal activity happening on the endpoint. Carbon Black Response works like CCTV which monitors every activity and every single process running on the operating system. We use it on Windows, Linux, and Mac. Once there is an abnormal action, there is a notification that is sent to the administrator.

The administrator will open up the GUI, the console for the Carbon Black Response, and start doing his investigation to get to the root cause for the issue if there is one.

VMware Carbon Black Cloud is a good home office tool for people working outside the office.

We used Cb Response for hands-on computer incident response for our infrastructure, installing it on all of our servers and high-value workstations.

We use Carbon Black for detection and response. So we receive alerts from Carbon Black if it detects any malicious activity. We also use it to quarantine any devices that we may need to isolate due to the security risk that it presents.  

When a machine gets infected we need to have a memory dump and to interact with it. We use this solution as a good way to extract that information from an infected machine.

CBR was used as an intrusion detection platform as well as for IOC enhancement during incident response and forensics activities on a 25,000+ host Windows-based environment.

My clients are in a range of verticals, so we have clients in healthcare, education, manufacturing, etc. We provide solutions to anybody who's insightful enough and forethinking enough to understand that cybersecurity is not like insurance. So my use cases are all across the board. But, essentially, my customer base boils down to anyone who doesn't want to get owned by a ransomware attack. My company chooses the best-in-breed technology for tools, then adds cybersecurity management services on top of that.

We use it for platform metrics, for all use cases. This is the only thing that works, this product. Carbon black is a process listener. You can call back all processes, each process on the client side or the server side. You can retrieve all the information on a process level, and you can combine all the things with an end use case.

We use Cb response primarily as our incidence response. Our environment has more than 300 users handling sensitive client information, like financial data and personal identifiable information, so security is a huge concern. When we receive an incident report from our SOC, our first move is to isolate the endpoint, and Cb response does that seamlessly. We are also able to use the product to perform an in-depth binary process analysis to see if there were any suppressed malicious services.

I did some tests when they came out with the solution because my manager wants an assessment with Carbon Black. I tested the solution for two weeks. It was good.