Incident response is about getting answers, quickly. You need all the information about on-site activity available to you, at all times. If you’re spending time collecting data after a threat is detected, you’ve already lost. With gapless visibility at your fingertips at all times, you always have conclusive answers to the questions you’re asking.
Cb Response is the market-leading incident response solution.
This table shows data from Carbon Black Partners that actively provide IR services and the Carbon Black SOC, showing how incident response times can go from months to minutes with Cb Response:
|In-House FTE||Conventional 3rd Party||Carbon Black Response|
|Endpoint Located||2 hours||2 hours||<1 minute|
|Forensic resource applied to endpoint||1 hour||12 hours||n/a|
|Endpoint imaged||6 hours||4 hours||n/a|
|Endpoint Analyzed||70 hours||40 hours||10 minutes|
Blog: 5 Common Mistakes When Responding to a Security Incident
Datasheet: Cb Response
White Paper: Reducing the Cost of Incident Response
White Paper: SANS: The Race to Detection: A Look at Rapidly Changing IR Practices