carbon black app for ibm security qradar · pdf filecarbon black app for ibm security qradar...
TRANSCRIPT
Carbon Black App for IBM Security QRadar Stay ahead of emerging threats with IBM Security and Carbon Black
The IBM Security App Exchange provides organizations with:
• Convenient web access to validated extensions to IBM Security solutions
• Additional IBM® Security QRadar® correlation rules, dashboards, visualizations and third-party integrations
• The ability to share content with industry peers to help eliminate threats
1
Cybercriminals are more sophisticated than ever, and the attacks on all types of organizations show no
signs of slowing down. That’s why IBM Security, Carbon Black and a wide range of security industry
leaders have joined forces on the IBM Security App Exchange—so security teams from around the world
can work together to create better network defenses.
2
Know More, Respond Faster with Carbon Black
The Carbon Black App for QRadar provides organizations with
a single unified management console for SIEM and endpoint
detection and response (EDR). By uniting SIEM and EDR
capabilities into a single console, security teams can now
more quickly and effectively investigate SIEM alerts and, when
necessary, take immediate action at the point of
compromise—the endpoint.
Validated against IBM criteria and installed in minutes, the
Carbon Black App for QRadar is a turnkey extension freely
available to all clients through the App Exchange. Once
installed, the App connects with the Carbon Black Enterprise
Response server to provide QRadar administrators with direct
access to many of CbER’s powerful EDR features including
1100 Winter Street, Waltham, MA 02451 USA P 617.393.7400 F 617.393.7499 www.bit9.com
3
the ability to conduct real-time file and process
searches, check watchlist hits, deploy new
endpoint sensors, and stop attacks in motion by
isolating an endpoint from the network, all from
within QRadar. Should more advanced incident
response features, such as live response, be
required, the App includes built-in context-aware
connections that provide direct access to the
CbER console.
About Carbon Black Enterprise Response
Carbon Black Enterprise Response is the first and
only endpoint threat detection and response
platform that enables SOC and incident
response (IR) teams to prepare for a data
breach through continuous endpoint recording,
customized detection, live response, remediation,
4
and threat banning. CbER makes advanced
threats easier to see and faster to stop by
empowering organizations to arm their endpoints
against the most advanced and targeted attacks.
Discover the IBM Security App Exchange
The IBM Security App Exchange is the premier
collaboration site for sharing software
enhancements, applications, and extensions that
complement IBM Security solutions. It enables
security teams to access tools that help improve
visibility into threats, anomalies and malicious
activity occurring on the network, while also
expanding the mitigation and remediation
capabilities deeply integrated in IBM QRadar
Security Intelligence Platform.
For more information
To learn more about the IBM Security App
Exchange, please visit: apps.xforce.ibmcloud.com
For more information about Carbon Black, please
visit: www.carbonblack.com
© Copyright Bit9, Inc. 2015.
IBM, the IBM logo, ibm.com, and QRadar are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.