LogRhythm and Carbon Black have partnered to deliver enterprise-wide threat detection and response. LogRhythm’s security intelligence and analytics platform continuously collects, normalizes, and analyzes rich, dynamic endpoint telemetry captured by Cb Response, including endpoint threat attribution, reputation and prevalence data. When a threat or indication of compromise is detected within a customer environment, a LogRhythm SmartResponseTM plugin can automatically instruct Cb Response to take immediate action on the impacted endpoint including isolating the host from the network, killing a process on the “host,” or deleting a file from the host, among other actions.
- Detect and prioritize intrusions faster by correlating detailed endpoint activity with other environmental context to recognize early indicators of potential compromise
- Visualize high priority events in a Carbon Black-specific dashboard within LogRhythm’s centralized console
- Automate investigatory and response processes including deployment of real-time countermeasures on an endpoint to prevent further impact and expedite incident response
- Streamline processes that were once significantly manual, including attack analysis and adaptive threat defense