Our Unique Approach to Cloud Enabled Security

Why The Unfiltered Data Approach Is So Different

Carbon Black has solved some very difficult security-related data and analytics problems that make our platform unique and differentiated, both today and for the longer term. It all starts with unfiltered endpoint data — or the centralized recording of endpoint activity without filtering anything out. Unfiltered data is essentially the digital equivalent of a surveillance camera for your endpoint.

Unfiltered Data
Unfiltered Data

This unfiltered approach is very different than our endpoint competition, which collects a filtered data set. Other vendors only collect data when they know something is bad, or when they think something is bad. Carbon Black, however, collects everything because attackers intentionally “look normal” in order to hide their attacks.

High-Volume Data Shaping From Endpoint To Cloud

Data shaping
Data shaping

The high volume of data produced by a typical endpoint, without purpose-built technology, consumes too much network bandwidth and costs too much to store and analyze. Carbon Black has invested heavily in proprietary data shaping technologies that allow us to overcome the data pipeline challenge and deliver high-volume endpoint data to the cloud for analysis.

Real-Time Threat Analysis Based on Activity


In order to realize the full potential of this unfiltered endpoint data set, we had to leverage streaming analytics in order to look at behaviors over time. Our real time analytic capabilities are based on event stream processing, the same technology that has transformed many other industries such as credit card fraud detection. Carbon Black is the first to bring event stream processing to endpoint security.

Now let’s take a look at our platform

blue cloud shape
blue bar with text single agent single console single dataset

Cb Predictive Security CloudTM

vertical bracket shape