Carbon Black App for IBM Security QRadar · PDF fileCarbon Black App for IBM Security QRadar Stay ahead of emerging threats with IBM Security and Carbon Black The IBM Security App

Carbon Black App for IBM Security QRadar Stay ahead of emerging threats with IBM Security and Carbon Black

The IBM Security App Exchange provides organizations with:

• Convenient web access to validated extensions to IBM Security solutions

• Additional IBM® Security QRadar® correlation rules, dashboards, visualizations and third-party integrations

• The ability to share content with industry peers to help eliminate threats

1

Cybercriminals are more sophisticated than ever, and the attacks on all types of organizations show no

signs of slowing down. That’s why IBM Security, Carbon Black and a wide range of security industry

leaders have joined forces on the IBM Security App Exchange—so security teams from around the world

can work together to create better network defenses.

2

Know More, Respond Faster with Carbon Black

The Carbon Black App for QRadar provides organizations with

a single unified management console for SIEM and endpoint

detection and response (EDR). By uniting SIEM and EDR

capabilities into a single console, security teams can now

more quickly and effectively investigate SIEM alerts and, when

necessary, take immediate action at the point of

compromise—the endpoint.

Validated against IBM criteria and installed in minutes, the

Carbon Black App for QRadar is a turnkey extension freely

available to all clients through the App Exchange. Once

installed, the App connects with the Carbon Black Enterprise

Response server to provide QRadar administrators with direct

access to many of CbER’s powerful EDR features including

1100 Winter Street, Waltham, MA 02451 USA P 617.393.7400 F 617.393.7499 www.bit9.com

 3

the ability to conduct real-time file and process

searches, check watchlist hits, deploy new

endpoint sensors, and stop attacks in motion by

isolating an endpoint from the network, all from

within QRadar. Should more advanced incident

response features, such as live response, be

required, the App includes built-in context-aware

connections that provide direct access to the

CbER console.

About Carbon Black Enterprise Response

Carbon Black Enterprise Response is the first and

only endpoint threat detection and response

platform that enables SOC and incident

response (IR) teams to prepare for a data

breach through continuous endpoint recording,

customized detection, live response, remediation,

4

and threat banning. CbER makes advanced

threats easier to see and faster to stop by

empowering organizations to arm their endpoints

against the most advanced and targeted attacks.

Discover the IBM Security App Exchange

The IBM Security App Exchange is the premier

collaboration site for sharing software

enhancements, applications, and extensions that

complement IBM Security solutions. It enables

security teams to access tools that help improve

visibility into threats, anomalies and malicious

activity occurring on the network, while also

expanding the mitigation and remediation

capabilities deeply integrated in IBM QRadar

Security Intelligence Platform.

For more information

To learn more about the IBM Security App

Exchange, please visit: apps.xforce.ibmcloud.com

For more information about Carbon Black, please

visit: www.carbonblack.com

© Copyright Bit9, Inc. 2015.

IBM, the IBM logo, ibm.com, and QRadar are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.