Carbon Black Cb Response Archived Reviews (More than two years old)

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Real User
Consulting IT Architect
May 21 2018

What is most valuable?

Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption. In incident… more »

How has it helped my organization?

Carbon Black Cb Response significantly reduced time to containment in the environment which enabled the isolation of incidents to single hosts or network segments.

What needs improvement?

The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.

What's my experience with pricing, setup cost, and licensing?

Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth.

What other advice do I have?

Ensure that you have sufficient resources to dedicate to maintaining and utilizing the product, including maintenance staff as well as incident responders and threat hunters. Be prepared to define metrics and use them to quantify the ROSI… more »
Real User
Cyber Security Manager at a insurance company with 51-200 employees
Apr 05 2018

What is most valuable?

The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we… more »

How has it helped my organization?

The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could… more »

What needs improvement?

Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if… more »

What's my experience with pricing, setup cost, and licensing?

We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break… more »

Which solution did I use previously and why did I switch?

We did not have a similar, previous solution that we were replacing. This was part of an initial push we were trying to make at the time into better systems security.

What other advice do I have?

Explore all options in the space and see if you’re ready to really use an incident response platform such as this for threat hunting in your environment, or if you should… more »

Which other solutions did I evaluate?

There wasn’t much similar to Response that I was familiar with at the time. Though some other vendors are starting to include similar features now, Response was a leader… more »
Real User
Technical Support Specialist at a financial services firm
Mar 19 2018

What is most valuable?

The ability to isolate an endpoint with only the host name and a click of a button is a major time saver. No need to go hunting for an IP or typing in terminal.

How has it helped my organization?

Cb Response is our primary incident response tool. With this product in our hands, we are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts.

What needs improvement?

The threat intelligence feed could use some fine tweaking. We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds. So, rather than Cb Response being able to pull the data from the feed, we have to manually blacklist MD5 hashes.

What is Carbon Black Cb Response?

CB Response is an industry-leading incident response and threat hunting solution designed
for security operations center (SOC) teams. CB Response continuously records and stores
unfiltered endpoint data, so that security professionals can hunt threats in real time and
visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s
aggregated threat intelligence, which is applied to the endpoint activity system of record for
evidence and detection of these identified threats and patterns of behavior.

Carbon Black Cb Response customers

ALLETE

belk