Carbon Black Launches v4.0, Announces Key New Features: Continuous Endpoint Visibility, Enhanced Threat Detection and ‘Incident Response in Seconds’

Share Article

Latest version of Carbon Black allows “even the intern” to perform conclusive incident response in seconds.

With Carbon Black 4.0, we are better preparing organizations for the inevitability of compromise by providing an always-on, comprehensive, and synthesized view of an attacker’s every move.

Carbon Black, recently named a “Best Emerging Technology” finalist by SC Magazine for the 2014 SC Magazine Awards, announced on Thursday version 4.0 of its software, which provides organizations with Continuous Endpoint Visibility, enhanced Threat Detection capabilities and the power to conduct conclusive Incident Response in seconds.

“Organizations are quickly embracing the ‘inevitability of compromise’ mindset,” said Carbon Black CEO Michael Viscuso. “They are realizing it’s not a matter of if, but when an attack will be successful against their enterprise. With Carbon Black 4.0, we are better preparing organizations for this inevitability of compromise by providing an always-on, comprehensive, and synthesized view of an attacker’s every move. This visibility gives everyone on your security team, even the intern, the ability to respond to an attack in a matter of seconds.”

Detection in Depth

A new feature of Carbon Black 4.0 is the frictionless integration of threat intelligence feeds, the product of collaborating with leading threat intelligence providers in the security community and the Carbon Black Alliance.

Two global threat intelligence feeds (provided by Carbon Black Alliance partners) are included with Carbon Black 4.0:

VirusTotal - leveraging the detection power of the entire antivirus industry.

iSIGHT Partners - a leading provider of worldwide emerging threat intelligence reports.

Carbon Black 4.0 also includes seamless integration of four additional open-source intelligence feeds that add immediate value to customers’ detection efforts:

US CERT’s National Vulnerability Database, with a list of vulnerable software by CVE.

Botnet C2 servers via’s Zeus Tracker, also with SpyEye and Palevo coverage.

Blackhole domains via Malware Domain List’s database of active malware domains.

Currently active Tor node IP addresses via

Custom Intelligence

Carbon Black 4.0 also allows customers to seamlessly create and add customized intelligence feeds, empowering them to leverage their existing technology and proprietary threat intelligence better than ever before.

“There are lots of companies in the industry providing great threat intelligence feeds. We’re not trying to recreate threat intelligence,” said Carbon Black CTO Ben Johnson. “We use Carbon Black’s endpoint visibility to make it easy for information security teams to use anyone’s feed. These teams know their enterprise better than anyone else. We feel they should be able to define what’s important in their own environments.”

Configurable Alerts

Carbon Black matches Indicators of Compromise contained in all threat feeds with Carbon Black sensor data as it arrives on the server. Any activity matching an IOC is tagged. With a single click, Carbon Black customers can be notified of all endpoint activity related to the intelligence feeds, keeping them automatically updated about the changing threat landscape.

About Carbon Black 4.0

Carbon Black provides continuous endpoint visibility - a 360-degree view of the enterprise - by leveraging an always-on, lightweight endpoint sensor. The sensor collects the critical pieces of data needed most during an investigation. This data is stored in a central repository and is instantly searchable.

Carbon Black 4.0 Key Benefits

  •     Real-time and historical endpoint visibility - Carbon Black records, copies and archives all relevant activity on the endpoint, offering a 360-degree view of the enterprise, both now and in the past. This visibility allows you to track every move an attacker makes.
  •     Enhanced detection capabilities - Threat intelligence feeds and integration with threat partners give you the ability to immediately detect and respond to advanced and emerging malware that evades traditional defenses.
  •     Incident response in seconds - Carbon Black allows security teams to unravel the full lifecycle of an attack from a single Indicator of Compromise. With Carbon Black, any level of security staff (even the intern) can conduct root-cause analysis and protect the organization from future threats.

For more information, visit or use the hashtag #CbAnswers on Twitter.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Ryan Murphy
Carbon Black
+1 (917) 693-2788
Email >
Visit website