at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
VMware Carbon Black Cloud from Carbon Black (VMware)
A cloud-native endpoint protection platform that prevents, detects, and responds to sophisticated attacks. Features include next-generation antivirus, endpoint detection and response, and managed threat hunting tailored for financial security environments.
More about Carbon Black (VMware)
Product analysis by function
Cybersecurity Solutions for IT and Infrastructure
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
More Cybersecurity Solutions
More IT and Infrastructure ...
Access Control
(7 Yes /7 Known /11 Possible features)
|
Multi-factor Authentication Requires multiple forms of verification before granting access. |
VMware Carbon Black Cloud supports multi-factor authentication for administrator and user access to the cloud console (per VMware documentation). | |
|
Role-Based Access Control Grants permissions based on user roles and responsibilities. |
Role-based access control is prominently documented and available in Carbon Black Cloud for granular permissions management. | |
|
Single Sign-On (SSO) Allows users to authenticate once for multiple applications. |
Single Sign-On (SSO) is supported using SAML, as noted in VMware Carbon Black Cloud documentation. | |
|
Access Logging Records all access attempts for audit trails. |
Access and audit logging is a key feature for forensic investigation, as referenced in platform capability guides. | |
|
Privileged Account Management Controls and monitors elevated permissions. |
No information available | |
|
User Session Timeout Automatically terminates inactive sessions. |
User session timeout can be configured for management console users, per VMware Cloud security documentation. | |
|
Device Whitelisting Restricts access to approved devices only. |
No information available | |
|
Granular Permission Levels Supports fine-grained permissions per function. |
Granular permission assignment is detailed in RBAC documentation for Carbon Black Cloud. | |
|
API Key Management Secures and controls access to APIs. |
API key management, including provisioning and revocation, is available for the Carbon Black API. | |
|
Geolocation-based Access Restrictions Limits access based on user's physical or network location. |
No information available | |
|
Number of Supported Authentication Methods The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). |
No information available |
Data Protection
(4 Yes /4 Known /10 Possible features)
|
End-to-End Encryption Encrypts data during all states and transfers. |
End-to-end encryption for data in transit and at rest is described in VMware's security whitepapers. | |
|
Database Encryption Encrypts stored data in databases. |
Data stored in Carbon Black Cloud is encrypted at the database level, per security compliance docs. | |
|
File Integrity Monitoring Detects unauthorized changes to critical files. |
No information available | |
|
Data Masking Obfuscates sensitive data in non-production environments. |
No information available | |
|
Tokenization Replaces sensitive information with random tokens. |
No information available | |
|
Data Loss Prevention (DLP) Prevents unauthorized data transfer or loss. |
No information available | |
|
Data Backup Frequency Frequency at which backups of critical data are performed. |
No information available | |
|
Audit Logging Maintains comprehensive logs of data access and changes. |
Audit logs are available for user and system actions on endpoints and the management console. | |
|
Automated Key Rotation Automatically rotates cryptographic keys at defined intervals. |
No information available | |
|
Retention Policy Management Controls how long data is kept and when it is deleted. |
Retention policy management is provided for logs and event data to aid in compliance alignment. |
Network Security
(5 Yes /6 Known /10 Possible features)
|
Firewall Provides perimeter security by filtering incoming and outgoing network traffic. |
Firewall capability is enabled on endpoints for threat prevention (part of Carbon Black's EDR suite). | |
|
Intrusion Detection System (IDS) Monitors and detects malicious network activity. |
Provides network intrusion detection as part of advanced threat prevention features. | |
|
Intrusion Prevention System (IPS) Blocks and prevents detected threats. |
Intrusion prevention is integrated as part of the EDR/NGAV features. | |
|
Virtual Private Network (VPN) Secures remote access to banking resources. |
Not as far as we are aware.* Carbon Black Cloud does not explicitly provide VPN capabilities; it's focused on endpoint security. | |
|
Network Segmentation Divides the network into separate zones for better security. |
No information available | |
|
Distributed Denial of Service (DDoS) Protection Detects and mitigates DDoS attacks. |
DDoS protection is not a primary focus of endpoint security, but platform is resilient to DDoS via VMware cloud infrastructure. | |
|
Deep Packet Inspection Examines traffic for threats beyond simple packet headers. |
No information available | |
|
Encrypted Network Traffic Ensures all internal and external communication is encrypted. |
Network traffic to and from endpoints and the management/control plane is encrypted per cloud security practices. | |
|
Bandwidth Monitoring Monitors bandwidth utilization for anomalies. |
No information available | |
|
Network Traffic Analysis Capability The number of simultaneous connections that can be analyzed. |
No information available |
Threat Detection and Response
(7 Yes /7 Known /10 Possible features)
|
Security Information and Event Management (SIEM) Aggregates, analyzes, and alerts on security events. |
Integrated with SIEM (Security Information and Event Management) platforms; API and log forwarding supported. | |
|
Automatic Threat Remediation Responds to detected threats without manual intervention. |
Automatic threat remediation via policy-driven response and integrations with SOAR/SIEM platforms is referenced in product literature. | |
|
Real-time Alerting Notifies security personnel immediately upon threat detection. |
Immediate/real-time alerting features (including email, dashboards, and SIEM/SOAR integration) are a core function. | |
|
Threat Intelligence Integration Ingests external threat intelligence feeds. |
Carbon Black Cloud supports external threat intelligence feed integration (documented API). | |
|
Incident Response Playbooks Provides pre-defined procedures for common security incidents. |
Incident response workflows, automation, and suggested playbooks are supported by integrated orchestration features. | |
|
Threat Simulation and Red Team Testing Supports simulated attacks for evaluation. |
Threat simulation (such as red team testing support) is available as part of threat hunting and testing capabilities. | |
|
False Positive Rate The percentage of security alerts that are determined to be benign. |
No information available | |
|
Time to Detect Average time between threat occurrence and detection. |
No information available | |
|
Time to Respond Average time between detection and mitigation. |
No information available | |
|
Automated Compliance Reporting Generates regulatory and incident response reports automatically. |
Automated compliance and regulatory reporting is available, especially for financial organizations. |
Endpoint Security
(8 Yes /8 Known /10 Possible features)
|
Endpoint Detection and Response (EDR) Monitors endpoints for threats and suspicious activity. |
EDR (Endpoint Detection and Response) is the foundational feature of VMware Carbon Black Cloud. | |
|
Anti-malware Protection Prevents malicious software from infecting endpoints. |
Anti-malware protection (next-generation antivirus) is a core function of Carbon Black Cloud. | |
|
Device Control Restricts usage of external devices like USB drives. |
No information available | |
|
Patch Management Automates the distribution of security updates. |
Automated patch management/enforcement is available through device management integration. | |
|
Mobile Device Management (MDM) Secures and manages mobile endpoints. |
Mobile device management (MDM) features available via integrations with MDM solutions. | |
|
Remote Wipe Capability Erases data from lost or stolen devices remotely. |
Remote wipe for lost or stolen devices is supported through endpoint control policies. | |
|
Application Whitelisting/Blacklisting Controls which applications can be installed or run. |
Whitelisting/blacklisting of applications is explicitly supported for endpoints. | |
|
Endpoint Isolation Allows quick quarantine of compromised devices. |
EndPoint isolation (quarantine of compromised devices) is a documented feature. | |
|
Number of Devices Supported Maximum number of endpoints protected by the solution. |
No information available | |
|
Endpoint Policy Enforcement Automatically enforces security policies on all endpoints. |
Policies are enforced on all endpoints for security posture management. |
Fraud Detection and Prevention
(8 Yes /8 Known /10 Possible features)
|
Behavioral Analytics Analyzes user behavior for anomalies indicative of fraud. |
Behavioral analytics for users and processes are applied to detect anomalous actions/fraud. | |
|
Transaction Monitoring Monitors transactions in real time for suspicious patterns. |
Transaction monitoring for endpoint activities and processes is intrinsic to EDR/XDR. | |
|
Machine Learning Models Uses AI models to identify emerging fraud techniques. |
Machine learning and AI are used for behavioral detection and classification of threats. | |
|
Geolocation Verification Checks if transactions originate from expected regions. |
Geolocation verification is available within alerting/policy functions when combined with device telemetry. | |
|
Device Fingerprinting Identifies repeat or suspicious devices. |
Device fingerprinting is core to Carbon Black's detection of suspicious and repeat endpoints. | |
|
Case Management Tracks fraud investigation from detection to closure. |
Case management capabilities for tracking and documenting incidents are integrated in the management console. | |
|
Rule-based Alerts Generates alerts based on pre-set fraud rules. |
Rule-based detection and alerts are customizable. | |
|
False Positive Rate Percentage of transactions erroneously flagged as fraud. |
No information available | |
|
Detection Speed Average time taken to detect suspicious activities. |
No information available | |
|
Integration with Core Banking Systems Supports real-time integration with existing banking infrastructure. |
SIEM/log API integrations with core banking and IT systems is a standard deployment practice. |
Application Security
(5 Yes /5 Known /10 Possible features)
|
Web Application Firewall (WAF) Protects web applications from common exploits. |
No information available | |
|
Vulnerability Scanning Regularly scans for known security weaknesses. |
Vulnerability scanning on endpoints is performed and reported in the platform. | |
|
Secure Coding Standards Enforcement Ensures adherence to secure development practices. |
No information available | |
|
Regular Penetration Testing Conducts simulated attacks to find weaknesses. |
Regular penetration testing is supported through integration partners and recommended for deployments. | |
|
Automated Patch Deployment Deploys application security patches automatically. |
Automated patch deployment for software vulnerabilities is supported. | |
|
Code Obfuscation Makes application source code harder to reverse-engineer. |
No information available | |
|
Session Management Security Protects active user sessions against hijacking. |
Session management security (including session locking and device re-authentication) is described in device policy documentation. | |
|
API Security Controls Protects and monitors API endpoints. |
API security controls (authentication, rate limiting) are provided for data integrations. | |
|
Number of Supported Programming Languages The range of programming frameworks or languages natively supported for secure app development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Integration Integrates tools for runtime security testing of applications. |
No information available |
Regulatory Compliance
(6 Yes /7 Known /10 Possible features)
|
Prebuilt Compliance Reporting Offers reports tailored for key banking regulations. |
Prebuilt compliance reporting is available for common regulatory frameworks relevant to financial services. | |
|
Automated Policy Management Automates the application and monitoring of compliance policies. |
Automated policy management for compliance and device security is a listed feature. | |
|
Audit Trail Management Maintains immutable logs for audit purposes. |
Comprehensive, immutable audit trail management is present for compliance. | |
|
Regulatory Change Monitoring Tracks changes in relevant regulations and standards. |
Not as far as we are aware.* Direct regulatory change monitoring is not a native function; may require third-party integration. | |
|
Self-assessment Tools Allows internal audits for compliance readiness. |
No information available | |
|
Compliance Workflow Automation Automates workflows to meet compliance requirements. |
Compliance workflow automation is supported via rules, playbooks, and dashboard reporting. | |
|
Data Residency Controls Specifies where data can be stored based on regulations. |
No information available | |
|
Regulatory Coverage Number of major regulations covered out-of-the-box. |
No information available | |
|
Retention Policy Automation Automatically applies data retention and deletion policies. |
Retention policies are enforceable on endpoint data and incident records. | |
|
Secure Document Management Secure storage and retrieval of compliance documentation. |
Compliance documentation is securely stored and accessible to authorized users. |
Identity and Access Management (IAM)
(8 Yes /8 Known /10 Possible features)
|
Centralized User Directory Maintains a single source of truth for user authentication. |
Supports centralized user directory via integrations with Active Directory and LDAP. | |
|
Self-service Password Reset Allows users to reset passwords without admin assistance. |
Self-service password reset options for platform users are available. | |
|
User Provisioning and Deprovisioning Automates onboarding and offboarding staff access. |
Automated provisioning and deprovisioning via directory integrations and policy enforcement. | |
|
Federated Identity Support Allows use of external identity providers (SAML, OAuth, etc.). |
Federated Identity is supported (SAML/OAuth for SSO). | |
|
Access Certification Regularly reviews and certifies user privileges. |
No information available | |
|
Credential Encryption Ensures user credentials are encrypted at rest and in transit. |
Credentials are strongly encrypted as per industry best practices. | |
|
Group Management Supports management of user groups and access policies. |
Group management for users and policy assignment supported via RBAC. | |
|
Identity Federation Integrations Number of external identity federations supported. |
No information available | |
|
Password Policy Enforcement Automatically applies strong password requirements. |
Enforces configurable password policies (length, complexity, rotation). | |
|
User Access Review Automation Automates periodic reviews of user access rights. |
Periodic user access review automation is part of compliance toolkit. |
Monitoring and Reporting
(8 Yes /8 Known /10 Possible features)
|
Real-time Dashboards Visualizes live security and system data. |
Real-time dashboards for endpoint and security events provided via web console. | |
|
Customizable Reports Allows users to define and schedule security and compliance reports. |
Supports creation and scheduling of custom security and compliance reports. | |
|
Alert Threshold Customization Enables setting of specific alert thresholds. |
Alert threshold customization supported in user-defined policies. | |
|
Historical Data Retention Keeps historical security data for analysis. |
Historical data retention is enabled for a configurable period for analysis and compliance. | |
|
Audit Log Integration Centralizes logs from various sources. |
Supports centralization of audit logs from multiple endpoints/application sources. | |
|
Automated Reporting Frequency How often reports are automatically generated. |
No information available | |
|
User Activity Monitoring Tracks user activities for policy violations. |
User and endpoint activity monitoring is a core EDR feature. | |
|
Custom Alert Channels Supports multiple channels for alerting (email, SMS, app). |
Multiple custom alert channels (email, SIEM, dashboards) are supported. | |
|
Third-party Log Integration Integrates with external log and monitoring providers. |
Third-party log integration is supported for SIEM, SOAR, and other logging solutions. | |
|
Report Retention Period Length of time reports are stored and accessible. |
No information available |
Resilience and Recovery
(6 Yes /6 Known /10 Possible features)
|
Disaster Recovery Planning Provides tools for planning and testing disaster recovery. |
Disaster recovery planning capabilities through VMware's platform, plus endpoint backup/restore information. | |
|
Business Continuity Management Ensures continued operations during disruptions. |
Business continuity features are outlined in cloud service and endpoint protection documentation. | |
|
Automated System Failover Automatically switches to backup systems on failure. |
No information available | |
|
Backup and Restore Automation Automates data and system backup/restore processes. |
Backup and restore automation is available when integrated with IT management systems. | |
|
Ransomware Recovery Supports fast recovery from ransomware attacks. |
Ransomware recovery procedures are detailed in VMware documentation; fast response and reimaging supported. | |
|
Recovery Time Objective (RTO) Target time to restore function after disruption. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable amount of data loss after an incident. |
No information available | |
|
Resilience Testing Support Enables regular testing of resilience and recovery plans. |
No information available | |
|
Automated System Health Checks Monitors backup and resilience readiness automatically. |
Automated system health checking for endpoint agents and cloud console availability is included. | |
|
Service Level Agreement (SLA) Monitoring Tracks compliance with recovery SLAs. |
SLA monitoring is documented as part of managed service and platform resilience (pertains to recovery and support). |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.