BlueApp for Carbon Black

Isolate Endpoints Automatically with the BlueApp for Carbon Black

Carbon Black
  • Endpoint
  • Detection
  • Response

See All BlueApps + Plug-ins >
BlueApps extend USM Anywhere’s threat detection and orchestration capabilities to other security tools at no additional cost.
Learn more ›

The BlueApp™ for Carbon Black delivers advanced security orchestration capabilities between LevelBlue USM Anywhere™ and Carbon Black’s Cb Protection and Cb Response, so you can automatically isolate your infected endpoints whenever threats are detected in USM Anywhere. 

With pre-built security orchestration and automated response capabilities, you can shorten the time from threat detection to response, without any of the heavy lifting typically required to integrate multiple security IT tools.

  • Shorten the time from threat detection to threat response with automation
  • Save time, money, and headaches in integrating multiple IT security tools
  • Gain more visibility into activities and changes detected in endpoints by Cb Protection
  • Automate or trigger response actions within USM Anywhere to isolate infected systems through Cb Response

How It Works:

  1. USM Anywhere collects and analyzes events from Cb Protection and Cb Response, along with data from your other assets and security solutions.

  2. USM Anywhere identifies host or network activity that indicates a compromised endpoint, such as a server infected by malware, and generates an alarm.

  3. Through a user-executed action or an automated orchestration rule, USM Anywhere sends the compromised endpoint’s IP address to Cb Response.

  4. Cb Response uses the IP address to isolate the endpoint from the rest of your environment.

Ready to get started? See detailed instructions here ›

Why You’ll Love the BlueApp for Carbon Black

Accelerate Time to Detection & Response

  • Detect threats against your on-premises and cloud environments, and your SaaS applications, directly in USM Anywhere
  • Investigate incidents efficiently with rich, contextualized threat data in a single pane of glass
  • Automatically isolate compromised systems with Cb Response for rapid threat response

Save Time & Money

  • Reduce the time and expense of integrating multiple security products
  • Combine five essential security capabilities plus a growing ecosystem of BlueApps in one single console
  • Focus on threat response—not writing complex security analytics rules (LevelBlue Labs does that for you!)

Extend Your Security Monitoring Capabilities 

  • Aggregate alerts and events from Cb Protection and Cb Response
  • Know what activities and changes are happening across your endpoints directly from USM Anywhere
  • Centrally monitor and analyze events and alerts gathered from all your security point products within USM Anywhere
Get price Free trial