Threat Analysis Unit

Protecting customers through innovation and world-class research. We innovate faster than the attackers.

text_image_eight narrow
At Carbon Black, our job is to keep you safe by staying on top of the latest threats and attack techniques. To deliver the most comprehensive protection possible, we’re constantly enhancing our products with the latest detection logic.

The Carbon Black Threat Analysis Unit (TAU) is focused on the next wave of attacks. Our job is to keep you safe by understanding how to detect and prevent attacks that bypass traditional, file-centric, prevention strategies. We are focused on techniques that were once the domain of advanced hackers, and are now moving downstream into the commodity attack market.

We have built an automated malware-analysis pipeline to catch the traditional malware artifacts, and we have an advanced-analytics environment to detect the fingerprints left by the attacks that abandon files all together

basic_heading secondary

Our Purpose


With non-malware threats becoming increasingly dangerous, it’s important to work continuously with our customers, partner communities, and research teams around the globe. By doing this, we can monitor the complex, ever-evolving threat landscape and take action to keep you safe. Our purpose is to:

  • Understand the attacker
  • Understand the targets
  • Detect and prevent emerging attacks
  • Develop detection and prevention that extend beyond malware
basic_heading secondary

Our Talent

  • Cb_Threat-Hunting_Updated_rFINAL-10

    Malware Analysts and Reverse Engineers

  • Cb_Threat-Hunting_Updated_rFINAL-11


  • Cb_Threat-Hunting_Updated_rFINAL-12


  • Cb_Threat-Hunting_Updated_rFINAL-13

    Intelligence Analysts

resources row

Research & Blog Posts


Our Tools

Carbon Black's Threat Analysis Unit (TAU) is composed of some of the leading minds in cybersecurity research. The team has extensive experience with: 

  • Real-time big data

  • Event streaming processing

  • Static, dynamic, & behavioral analytics

  • Machine learning

basic_heading secondary

The Proof

  • Cb_Threat-Hunting_Updated_rFINAL-02

    Binaries analyzed per day

  • Cb_Threat-Hunting_Updated_rFINAL-03

    Software reputation library

  • Cb_Threat-Hunting_Updated_rFINAL-04

    Alerts processed each month

  • Cb_Threat-Hunting_Updated_rFINAL-05

    Threat research partners