Smart SOAR Integration

D3’s integration with Carbon Black automates and orchestrates workflows for endpoint protection, threat hunting, compliance, and incident response. Supporting a full range of automated actions, the joint solution reduces MTTR, triages endpoint events in D3’s Event Pipeline, and increases the quality of investigations.

Carbon Black Integration

Integration Features

Ingest Carbon Black alerts to trigger automated playbooks in D3
Trigger playbooks based on policy updates in Carbon Black
Automatically update watchlists, block hashes, quarantine endpoints, and send reports
Enrich endpoint events with D3’s full spectrum of security data

Key Use Case

#1: Endpoint Incident Response Automation

D3 users can ingest endpoint alerts from Carbon Black automatically or through manual escalation. D3 then enriches and contextualizes the event. If the event is deemed a true positive, D3 triggers an automated response playbook or assignment to an analyst for further investigation or approval. The playbook will orchestrate remediation actions through Carbon Black, such as quarantining affected endpoints.

Carbon Black Integration

#2: Threat Hunting

Using D3 and Carbon Black as an integrated threat hunting solution speeds the investigation of new threats by streamlining the entire process from learning of the threat, to finding instances of it on endpoints, to quickly remediating it. All this can be orchestrated from D3. Being able to build and trigger threat hunting playbooks in D3 also helps ensure consistency and reduce human error.

Carbon Black Integration

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.

X Carbon Black Integration

Get Started with D3 Security

One platform to stop alert overwhelm. Transform how your security team works, by focusing its resources on real threats.