Carbon Black Inc., which is the firm which provides the cybersecurity provider is going to public in May as part of this year’s tech wave of initial public offerings, today launched its first new product after been debuting on the Nasdaq.
Cb LiveOps is a tool for investigating cyberattacks that involve endpoints which includes the employee desktops. Mapping out the full scope of a breach, in particular what devices are affected, is a prerequisite to any remediation effort which has been caused. Carbon Black argues that the task has so far been more difficult than it needs to be.
In particular, the provider cited the fact that companies often have to use different tools for breach investigation and other parts of their security operations. This disconnect within an organization’s security toolkit creates extra work for administrators, which in turn increases the amount of time it takes to clean up breaches.
Carbon Black is positioning Cb LiveOps as its answer to the challenge. The tool is built atop the company’s Predictive Security Cloud, which powers its flagship antivirus and other security offerings.
Carbon Black said that Cb LiveOps lets administrators perform investigations in the same interface through which they interact with its other products. Moreover, the provider claims Cb LiveOps relies on same endpoint client as well. This means that companies don’t have to set up any extra security software on employee devices, which frees up some time.
According to Carbon Black, Cb LiveOps makes it possible to query endpoints for a wide range of details that may be relevant to a security incident. Administrators can check if a device is caught up on operating system patches and examine key settings such as whether or not disk encryption is enabled. The service also provides insight into higher-level data, including what access privileges are available to a device’s users.
To streamline security investigations further, Cb LiveOps provides a template tool for saving common queries. The idea is to let administrators move faster when a breach is detected by sparing them the trouble of writing every request from scratch.
You may also like to read: