Monitor Carbon Black Defense logs with Datadog
Creating security policies is crucial for protecting company data, especially with the increasing use of personal devices in workplaces. Carbon Black offers endpoint security software to monitor network safety and apply security policies across all devices. Datadog's integration with Carbon Black allows seamless monitoring of endpoints and triaging potential threats alongside other infrastructure data. The integration collects Carbon Black Defense audit logs, enabling users to create dashboards, threat detection rules, and custom metrics for better visibility into connected devices. With Datadog's Logging without Limits™, users can control which CB Defense logs they want to index while still analyzing and archiving everything. The integration helps identify endpoint activity in real time, malicious software running on an endpoint, and compromised devices. It also enables users to focus on the most critical threats by creating detection rules based on threat scores provided by Carbon Black. Additionally, Datadog can help monitor and isolate compromised devices, providing full context for the activity that generated signals and enabling quick identification of vulnerable systems.
Company: Datadog
Date published: June 5, 2020
Author(s): Anshum Garg, Mallory Mooney
Word count: 815
Language: English
Hacker News points: None found.