Skip to main content
  • keep your applications safe

Cb Protection by Carbon Black


"The most trusted way to lock down servers and critical systems with 100% efficacy"


Security experts including the FBI, the Department of Homeland Security, Gartner and NIST all agree – application control is the best security strategy for critical systems. Cb Protection is the most proven, widely deployed and easiest to manage application control solution available today. It enables organizations to establish automated software controls and protection policies that completely lockdown corporate assets, intellectual property and regulated data.

This solution combines application control, file integrity monitoring, device control and memory protection for the strongest system lockdown. The approach stops malware and non-malware attacks by preventing unwanted change. This is effective at stopping all file-based attacks and next-gen attacks that use obfuscated malware, as well as memory-based, and script-based techniques, like PowerShell.

  • Stop attacks by allowing only approved software to run
  • Automate software approvals and updates via IT and cloud-driven policies
  • Low touch solution: Less than one admin resource required per 10,000 systems protected
  • Prevent unwanted change to system configuration at the kernel and user mode levels
  • Power device control and file integrity monitoring and control (FIM/FIC) capabilities
  • Stops malware and next-gen attacks
  • Meet IT risk and audit controls across major regulatory mandates
  • Replace inadequate security controls and consolidate endpoint agents
  • Streamline regulatory and IT audit processes Increase efficiency of IT resources
  • Eliminate unplanned downtime of critical systems
  • Protects vulnerable legacy system
  • Lockdown corporate desktops, laptops
  • Point-of-sale terminals
  • ATM machines
  • Industrial Control Systems (SCADA)
  • Medical devices
  • Domain controllers
  • Financial trading platforms
  • Email and web application servers
  • VDI environments
  • Card data environments (CDE)
  • Unsupported systems
  • Fixed-function devices

With Cb Protection, your organization can enforce the integrity of your deployment configurations, continuously monitor critical-system activity, assess compliance risk and even achieve compliance for end-of-life systems. This helps maintain continuous compliance with numerous regulatory standards and frameworks, such as PCI-DSS, HIPAA/HITECH, SOX, NERC CIP, NIST 800-53, and more.

These features give your organization fast time to value, low-touch management and improved system performance. On average, Cb Protection requires less than one admin per 10,000 systems. Contact us today to learn more about this technology.