Carbon Black & VMware Announce Expanded Partnership to Secure the Software-Defined Data Center (SDDC) Learn more

Cb Defense October 2017 Release Speeds Up Your Response

Enhanced_Search_Cb_Defense
allen
October 3, 2017 / Allen Lieberman

During a response scenario, every minute counts. The faster you can complete your investigation, the faster you can start taking corrective action.

That’s why this week we’re happy to announce the October 2017 update of Cb Defense, which improves search functionality within the Cb Defense console and makes it easier to manage offline and de-registered devices. This lets you get to what really counts faster: responding to threats and protecting your endpoints.

For a quick look at these new features and enhancements check out the short teaser below:

Easy Search

When you select a key-value pair, Cb Defense creates an editable query chip in the search bar

 

The new search functionality in Cb Defense makes it easier than ever to gather forensic data after an attack or proactively hunt for IOCs in your environment to mitigate threats.

When searching on the “All Alerts” or “Investigate” pages, you’ll now be given suggestions with the option to select key-value pairs. When you select one of these, Cb Defense will create an editable query chip in the search bar. This makes it really easy to run more advanced and specific searches to quickly find the information you are looking for.

A few common examples of key-value pairs in this new search functionality include:

  • TTPs
  • Device location
  • Threat Category
  • Reputation
  • Matches for partial IP addresses
  • … and more!

All of this new search functionality is added on top of the existing search functionality within Cb Defense, so you still have the option of performing free-form and advanced searches.

Improved Device Management

We’ve also made improvements to the “Enrollment” page to make manual device management easier and to allow for the auto-deletion of deregistered devices. The goal here is to make it easier within larger deployments and those in dynamic environments that see lots of change to manage their devices and improve visibility across their environment.

 

You can now manually delete de-registered devices from the Enrollment page by selecting the checkbox next to one or more devices.

 

Finally, we’ve made it easy to manage virtual desktops as well, with new capabilities to automatically de-register virtual desktop sensors that are inactive for a customizable period of time. For customers that frequently use VDI, you can now easily set up a two-step process that will automatically de-register and delete VDI sensors. This allows you to drastically reduce clutter in your console without the need for ongoing, manual clean up.

Want to see what else Cb Defense can do? Check out the Cb Defense Product Tour to get an immersive look at our market-leading NGAV + EDR platform.

TAGS: automation / Cb Defense / Easy Search / NGAV

Related Posts