Augment your malware protection on the endpoint with the power of User Behavior Analytics. Rapid7 InsightIDR integrates with VMware Carbon Black EDR to give you time-saving user and network context for your malware alerts. In addition to ingesting and helping you take action across Carbon Black EDR, Active Directory, and cloud services from a single console, InsightIDR helps you detect malicious behavior off the endpoint. This includes attackers using stolen credentials, compromsied cloud accounts, and lateral movement.
With InsightIDR as your threat detection-focused SIEM, you can unify existing network and security investments, detect stealthy threats that evades prevention, and accelerate incident investigations by over 20x.
Carbon Black EDR is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores comprehensive endpoint activity data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior.