Report

Carbon Black defends against malware and fileless attacks

The views expressed by analysts in their coverage of Carbon Black are those of the author and do not reflect the views of Carbon Black. Additionally, the information contained in their reports may not be correct or current. Carbon Black disavows any obligation to correct or to update the information contained in analyst reports.

Instead of relying on signatures, Carbon Black combines static and dynamic code analysis to detect malicious code. Its approach to file-less attacks relies on a continual risk profile assessment to determine whether a legitimate tool is being misused and, if necessary, block it. The system’s heavy lifting is all in the cloud, with a lightweight agent on the endpoint that looks at events but does not scan.

Carbon Black is a compelling option for any EPP project, whether greenfield or ripping-and replacing legacy antivirus.