Correlate, validate and investigate Carbon Black EDR and Carbon Black Cloud Endpoint Standard alerts
Monitor potential threats
Monitor the state of your network infrastructure and systems with detected threats, hosts, top feeds and IOC’s, top processes, top watchlists, and alert trends
Detect outliers
See detailed information on the alerts in your environment, including alerts by mode, OS, report, and groups
Correlate processes and feeds
Gain insight on total feeds, feed trends, top and recent feeds, feed comparisons, and processes related to feeds
Pre-built Sumo Logic Carbon Black Dashboards
Sumo Logic provides a single pane of glass to reduce the complexity of managing multiple environments, with pre-configured, user friendly and customizable dashboards that take Carbon Black data and layers-on rich graphical reporting and depictions of trends over time.
Detect Spikes of Endpoint Alerts
See a high-level view of the state of your endpoint security, showing the number of detected threats, alerts, indicators of compromise, devices, users, and groups. The dashboard also highlight alert trends, top users, indicators, devices, applications, and reasons.
