Cb Protection

Cb Protection

(30)
4.5 out of 5 stars

Cb Protection is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform.

Work for Cb Protection?

Learning about Cb Protection?

We can help you find the solution that fits you best.

Cb Protection Reviews

Ask Cb Protection a Question
Write a Review
Cb Protection review by <span>Kevin M.</span>
Kevin M.
Validated Review
Review Source

Admin of Bit9

Reviewed On
Validated Review
What do you like best?

This is a great product for gaining complete control over malware. Anti-virus often times will miss things and cannot protect against all threats. Bit9 provides application white listing and really helps us only allow approved software to run on our systems. This helps us protect against zero day attacks or unapproved software on the systems. The tech support is fantastic and for good reason - you will most likely need them. Deploying the agent is easy with SCCM or the like

What do you dislike?

This is a very cumbersome product. They make you attend a 2 day training class just to get started with it. They also highly suggest you work with an engineer to get it up and running. Getting it up and running involves a slow process of putting the software in visibility mode to learn and then increasing its power to lock down. Can be hard sometimes to troubleshoot why a block is happening and this is compounded by the complex nature of approving and trusting files and programs

Recommendations to others considering the product

The system tries to put in pre-built things to make setup go faster, and this helps but this is not a turn-key and walk away solution. You will spend a lot of time on this each day/week so factor that into your total cost of ownership

What business problems are you solving with the product? What benefits have you realized?

Malware defense

0 of 0 found this helpful.
Helpful?
Filter Reviews
Filter Reviews
  • Ratings
  • Company Size
  • User Role
  • User Industry
Ratings
Company Size
User Role
User Industry
Showing 30 Cb Protection reviews
LinkedIn Connections
Cb Protection review by Administrator in Oil & Energy
Administrator in Oil & Energy
Review Source

Highly Effective, if a bit involved

Reviewed On
Validated Review
Verified Current User
What do you like best?

This is, hands down, my favorite application whitelisting I've ever used. It can approve by the file's hash value (SHA-256), the publisher/certificate, or a number of other custom options. High customizable across the environment, and even enabled me to completely eradicate bloatware (such as ASK Toolbar) within two weeks of full implementation.

If your installation is on a server that can access the internet, it can also use VirusTotal and CB's own reputation service to auto-approve some programs based on collective input from other customers (reducing management time).

Other providers tried to get me to switch because CB Protection uses a lot of man-hours to manage (which is true), but they cannot reliably block some"benign but unwanted" programs without using a blacklisting approach. CB Protection means I can block unwanted programs from the get-go, even if they are basically harmless.

What do you dislike?

This is a highly involved implementation and management. Expect six (6) months or more to call the project done - anything else means that you may very well shut down some critical applications and/or let things through that should not be. Trust me; take the time, plan your policies, and be cautious.

Recommendations to others considering the product

Plan your implementation, and work closely with your Professional Services person. They can really help you. And pay for the training for each administrator (at the time of this review, each purchase comes with two training slots for your company).

What business problems are you solving with the product? What benefits have you realized?

(A form of) Antimalware and version control are the two biggest items. Also, in my current environment, we're using it in an offline scenario - no internet access. All other whitelisting and antimalware solutions REQUIRED internet to function - a big NO-NO for SCADA environments.

0 of 0 found this helpful.
Helpful?
Sign in to G2 Crowd to see what your connections have to say about Cb Protection
Headshots
Cb Protection review by <span>Kevin K.</span>
Kevin K.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

The best aspect of CB Protection is its ability to hash out and quickly locate executables on all of our workstations and servers. This helps us tremendously when searching for and weeding out known-bad and suspected-bad files from our network.

What do you dislike?

At our current installation version (v7) the administration interface is a bit aged and clunky. We've also had some problems with logon scripts being blocked. However, CB support is top-notch and have always helped with we've had issues.

Recommendations to others considering the product

Speak with their representatives. We had a very good pre-launch discussion with their sales and engineering staff in order to get more comfortable with the product and educate ourselves on all of the different aspects of the product's features. Their support is top-notch!

What business problems are you solving with the product? What benefits have you realized?

The biggest problem we were looking to solve with CB Protection was to help prevent the execution of ransomware programs as we had been hit by several in quick succession. The product has delivered on this and has prevented countless other infections from malware and just unwanted applications.

0 of 0 found this helpful.
Helpful?

What Endpoint Management solution do you use?

Thanks for letting us know!
Cb Protection review by <span>Brian S.</span>
Brian S.
Validated Review
Verified Current User
Review Source

Quite a beast

Reviewed On
Validated Review
Verified Current User
What do you like best?

Carbon Black seems to be unlike any other endpoint security product that we've seen. While other (more traditional) products focus on their ability to keep your company safe, Carbon Black focuses on *your* ability to keep your company safe and giving you tools to do that. In our situation, we could not realistically remove local admin rights from the majority of our PCs, so Carbon Black gave us a way to control what people are running without fully removing admin rights. The verbosity of control that we have over our endpoints and the reaction time that Carbon Black gives us to threats is surpassed by no other software that we have seen so far.

What do you dislike?

Part of the territory of having verbose control over a system is that it is more complicated to use and time consuming to manage. This can scare some of our staff away from being trained on it, leaving only a select few who can manage the product. That being said, it is still well worth the effort.

Recommendations to others considering the product

Have at least one full time staff assigned just to Carbon Black and mitigation - especially during initial implementation.

What business problems are you solving with the product? What benefits have you realized?

Protecting our endpoints even though we couldn't realistically remove admin rights from most of them.

0 of 0 found this helpful.
Helpful?
Cb Protection review by <span>Robert G.</span>
Robert G.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

The fact that the User Exchange is loaded with the very experts a company would call if they had an incident and needed help. It truly is like getting a free FTE for being a customer! Having endpoints in high enforcement so that only the files that are approved are allowed to run. The ability to single out the most threatening endpoints.

What do you dislike?

I would like to see a Google style search to eliminate redundant rules. I would also like to have the panes freeze on pages so I could see the column names as I scroll down.

Recommendations to others considering the product

DO NOT fail to account for the value from the User Exchange! Many members are top IR and MSSP professionals. These are the very people you pay to come in and help if you have been breached. They are sharing their findings and helping you configure the product to stop advanced threats.

What business problems are you solving with the product? What benefits have you realized?

Protecting endpoints from malware. Knowing what software exists within our organization. Having all of our endpoints in high enforcement gives us a consistent level of protection and helps eliminate lateral movement of any threats that might get in. The console also helps uncover endpoints that have general OS health issues so we can address them quickly.

0 of 0 found this helpful.
Helpful?
Cb Protection review by <span>Dan A.</span>
Dan A.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

With Carbon Black on our endpoints, we were able to detect and block bit coin mining software that wasn't even detected my our AV software. Using a score from Virus Total threat feed, Carbon Black alerted us of the malware. Carbon Black showed us in detail how the exe was spawned, which processes were involved and that it was communicating to an external IP address. Through the carbon black console, we were able to connect to the machine and delete the exe. Then we set the file (hash) to be banned, this way any endpoints in the future would not be able to run this process, keeping our Enterprise free of these resource stealing bit mining. This is just one real world example of how Carbon Black has paid for itself in our environment.

What do you dislike?

There isnt too much to dislike but if I had to pick it would probably be the console, it could be a little more user intuitive but we are sending our CB data to Splunk, so we use the console minimally.

Recommendations to others considering the product

Test CB out in a POC and you are sure to realize its ROI.

What business problems are you solving with the product? What benefits have you realized?

Threat hunting and detection and banning hashes are all uses of CB.

0 of 0 found this helpful.
Helpful?
Cb Protection review by <span>Brad M.</span>
Brad M.
Validated Review
Verified Current User
Review Source
Validated Review
Verified Current User
What do you like best?

Carbon Black Enterprise Protection works exactly as advertised. Whether it’s malicious software or just unwanted software Carbon Black Enterprise protection stops it all while allowing what we want. We see the benefits daily. Since being in High Enforcement we have seen numerous cases of Ransom-ware stopped, along with tons of unwanted software from being installed. I wear many hats in my role and work with many technologies, and no company I work with offers the quality of services that Carbon Black does. Their Training, Planning and Implementation Services, Support, User Community, and Tech Assessments ensure customer success.

What do you dislike?

We have a handful of 3rd party unknown, unsigned software packages that can be tricky to keep running seamlessly to the end user. Especially when these packages auto update themselves. You really need to have a good understanding of these packages to be able to create the rules needed to allow them to function. Bit9 Support is great on helping you out with these rare cases.

Recommendations to others considering the product

Contact Carbon Black and setup a trial. I think you will be sold.

What business problems are you solving with the product? What benefits have you realized?

Number one is definitely stopping malicious software from executing. Shortly before rolling out Carbon Black Enterprise protection we were hit with a couple instances of Ransom-ware. Since rolling out Carbon Black in High Enforcement Mode we have had none. On top of stopping malicious software Carbon Black EP stops tons of unwanted software. We have some users who are local admins on their PC's due to a 3rd party applications requirements. Carbon Black allows this software to run, while keeping the Local admins from installing unwanted or malicious items, even with Admin Rights. We also have a level of visibility that we have never had. Paired with Carbon Black Enterprise Response you will know exactly what is going on in your Environment.

0 of 0 found this helpful.
Helpful?

Learn more about Cb Protection

Cb Protection Videos

Kate avatar
Kate from G2 Crowd

Learning about Cb Protection?

I can help.
* We monitor all Cb Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. Validated reviews require the user to submit a screenshot of the product containing their user ID, in order to verify a user is an actual user of the product.