Carbon Black

Carbon Black leads a new era of endpoint security by enabling organizations to disrupt advanced attacks, deploy the best prevention strategies for their business, and leverage the expertise of 10,000 professionals to shift the balance of power back to security teams.

Carbon Black is #1

  • #1 Endpoint Protection
    Voted "Best Endpoint Protection" by SANS users.
  • #1 Incident Response
    Chosen by 68% of IR professionals.
  • #1 Market Share
    37% of Endpoint Market Share: IDC

Here's why forward-thinking security teams choose Carbon Black.

Every second counts

Continuously record, centralize and retain activity from every endpoint.

  • Continuous, always on, never sleeps, because you can't know what's bad ahead of time.
  • Collect the right data, based on our offensive security expertise.
  • Stream all data to an aggregated "system-of-record" for a single source of truth. Manage as a key IT asset.
  • Retain a persistent history of attackers' every action, the root cause of their attacks, and patterns of behavior.
  • Non-intrusive. Never impact endpoint or user.


  • Visibility. Know what's happening on every endpoint.
  • Scope an incident in minutes.
  • Historical traceability for investigations.
  • Apply new detection rules retrospectively.

Disrupt attacker behavior

Hit them where it counts: root cause and behavior patterns.

  • Move beyond signatures and hashes. Determine an attack's root cause. Address the real attack vector, not just the symptoms.
  • Understand patterns of attack behavior. Systematically shut down tactics, techniques and procedures. Eliminate repeat attacks.
  • Customize detection rules to fit your unique threat and risk profile. Never let attackers hide.
  • Diagnose, contain, disrupt, and remediate attacks from anywhere. "Live" remote control.


  • Make attackers change their behavior to shift the balance of power in your favor.
  • Remediate faster, address root cause.
  • Reduce exposure and risk profile

Choose the right prevention

Multiple options to fit your business

  • Multiple layers of endpoint defense: Stop attacks with a variety of endpoint prevention options.
  • Dial-up/down. Flexible endpoint policies, under your control.
  • Proper balance. Implement the best choices to fit your culture and the different needs of users, lines of business and endpoints. One size does not fit all.


  • Adapt the security to your business, not the business to your security.
  • Deliver the most effective endpoint security. The best it can be for every part of your business.
  • Defend the integrity of your business without slowing it down.
  • You have control. Adapt your defense to the changing threat landscape

Never go-it-alone

United people, knowledge, and systems

  • United systems: Open APIs and dozens of partner integrations to integrate with your existing security stack. Get the best of two worlds: best-of-breed and integrated.
  • United knowledge: Consume behavioral patterns of attack, threat intelligence, code, etc. from experts. Share if you want. Opt-in.
  • United experts: Combat attackers by leveraging the collective expertise of 10,000 experts from leading IR firms, MSSPs, and enterprises.


  • Detect and disrupt attacks, fast.
  • Leverage the experience of others. Don’t "reinvent the wheel."
  • Automate processes. Minimize human intervention and error. Operate at scale with higher accuracy.
  • Integrate with your existing systems to enhance your current investments.