News Releases3 min read

Carbon Black Introduces CB LiveOps for Real-Time Query and Response, Surpassing Tanium and CrowdStrike With Its Complete, Cloud-Native Security Platform

CB LiveOps is built on an industry-leading security platform that combines real-time query and response, next-generation antivirus, endpoint detection and response, and managed threat hunting services within a single console and from a single agent

WALTHAM, MA — August 2, 2018 –– Carbon Black (NASDAQ: CBLK), a leader in next-generation endpoint security, today announced the release of CB LiveOps™. CB LiveOps extends core functionality of osquery to empower organizations to ask questions of all endpoints, take action to remediate identified issues in real time, and simplify operational reporting. It is the newest offering built on Carbon Black’s groundbreaking CB Predictive Security Cloud (PSC), a platform that delivers complete endpoint prevention, detection, and response, all from a single agent.

Delivering CB LiveOps on the PSC gives customers a consolidated and comprehensive, cloud-native security stack, one that bridges security and IT operations. As a result, organizations can move away from existing offerings in the market, such as those offered by Tanium and CrowdStrike, to a solution that delivers a full suite of functionality serving both security and IT teams. With CB LiveOps, security teams can perform in-depth investigations, conduct remote remediation from the cloud, and perform on-demand vulnerability assessments, all within a single solution.

“We are excited to see CB LiveOps change the game for security operations,” said Ryan Polk, Carbon Black’s Chief Product Officer. “To date, there has been a gap in security platforms, which lack the ability to make real-time inquiries across the entire endpoint fleet. By leveraging and extending osquery, the open-source tool used by hundreds of the world’s largest enterprises, we are filling this gap, delivering what we believe is the most complete security platform, which combines advanced prevention, detection, response, and IT operations delivered from the same agent, same login screen, and same UI as all other Carbon Black offerings on the PSC.”


Tweet this: Real-time query + response, NGAV, EDR, and managed threat hunting from a single platform, with a single agent and single console? You asked, we delivered! @CarbonBlack_Inc’s CB LiveOps leverages #osquery to give #secops a complete cloud security platform

“CB LiveOps enables our incident response (IR) team to acquire key forensic artifacts that normally would require additional collection and offline parsing,” said Tim Stiller, Senior Incident Response Consultant at Rapid7. “It allows our teams to scale out our response from one to hundreds of systems. This allows us to quickly scope out an engagement to determine root cause.”

CB LiveOps provides additional value in bridging the gap between security and operations and empowers IT administrators to provide ROI well beyond the typical security use cases including: immediate IT hygiene analysis, on-demand compliance audits, and seamless asset management.

New Use Cases Enabled by CB LiveOps

  • Inspect Endpoints in Real Time: Security analysts need immediate answers to critical questions across their entire fleet of endpoints during attacks. CB LiveOps provides access to more than 1,500 unique endpoint artifacts to help analysts discover and analyze attacks to respond to incidents at a whole new level. For example, if during an investigation the security team determines that credentials have been stolen, CB LiveOps can query all endpoints to see if, and where, the credentials have been used for attempted logins, and if, and where, these credentials are currently in use.

  • Verify Patch-Level Compliance: Security and IT teams can use CB LiveOps to automate queries of all endpoints and determine if all machines are at the right level of compliance. Additionally, to meet real-time or ongoing reporting needs, teams can use CB LiveOps to automate operational reporting on patch levels, user privileges, disk-encryption status, and more.

  • Remediate Attacks in Real Time: Once an attack is identified, CB LiveOps allows administrators to open a session within seconds to terminate processes, delete files, or execute a background process to remediate the threat in real time – no matter where the compromised endpoints are located, eliminating uncertainty and greatly reducing any downtime that results from an attack.

“There is a need for a combined strategy between IT and security,” said Carl Erickson, Head of Information Security at Signify (previously Philips Lighting). “CB LiveOps is directly in line with what is required from SOC analysts. The ability to actually do live queries rather than rely on teams to use existing data is a big step forward.”


CB LiveOps Blog
CB LiveOps Datasheet
Webinar: How to Bridge the Security and Operations Gap
Learn More About the CB Predictive Security Cloud (PSC)
Follow @CarbonBlack_Inc on Twitter
Report: China, Russia & North Korea Launching Sophisticated, Espionage-Focused Cyberattacks
Stay up to date on the Carbon Black Blog

About Carbon Black

Carbon Black (NASDAQ: CBLK) is a leading provider of next-generation endpoint security. Carbon Black serves more than 4,000 customers globally, including 33 of the Fortune 100. As a cybersecurity innovator, Carbon Black has pioneered multiple endpoint security categories, including application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV). Leveraging its big data and analytics cloud platform – the CB Predictive Security Cloud – Carbon Black solutions enable customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise or as a managed service, customers use Carbon Black solutions to lock down critical systems, hunt threats, and replace legacy antivirus.

Carbon Black and Predictive Security Cloud and CB LiveOps are registered trademarks or trademarks of Carbon Black, Inc. in the United States and other jurisdictions.