VMware Carbon Black added managed detection and response (MDR) for endpoints and workloads to its security services this week.
The new VMware Carbon Black Cloud Managed Detection and Response builds on the vendor’s existing managed threat detection service, which uses machine learning and VMware’s security analysts to monitor and analyze threat data in the Carbon Black Cloud 24/7.
But now instead of just collecting endpoint and workload telemetry and alerting customers on potential security incidents, VMware analysts also validate if an attack is underway and provide customers with incident remediation and threat containment during a security incident.
“Our customers require a strong security posture that can be realized at speed,” said Taree Reardon, manager of MDR at VMware. “So our MDR offering adds an extra level of protection and the fact that we are able to contain the threats much quicker than our customers would be able to and help them recover faster.”
VMware currently has more than 1 million endpoints on managed detection. This spans all industries, which gives VMware’s analysts broader visibility into potential threats and helps them suggest proactive security measures to customers, Reardon added.
“An analyst who’s sitting in a single SOC in an enterprise may or may not come across the same breadth and depth of threats that we do, which allows us to spot and identify not only attacks, but attack trends, too,” she said. “We can proactively reach out to our clients whenever we see an attack trend happening and say, ‘Hey, this specific threat is starting to pop up pretty frequently. Here’s how to proactively configure your environment to protect against it.’”
In addition to working directly with customers’ security teams, the new MDR service also supports VMware’s customers’ service provider partners, Reardon said.
“As attackers are evolving and speeding up their processes, our customers are realizing that they need to do the same,” she said. “It helps both internal teams and managed, MSSP-type teams to recover faster and focus on other things like threat hunting.”