Carbon Black Cloud: How is an endpoint protected?
search cancel

Carbon Black Cloud: How is an endpoint protected?


Article ID: 288040


Updated On:


Carbon Black Cloud Endpoint Standard (formerly Cb Defense)


How does Carbon Black Cloud protect endpoints?


  • Carbon Black Cloud Sensor: All supported versions.


Part of that answer lies in the proprietary software that can not be disclosed. 

This link provides a very good overview:

Devices that are online benefit from the full-functionality of Carbon Black Cloud. If a device is offline/in an environment without internet access, it is still protected in the following ways:

  • Cached reputations from previous cloud look-ups/background scan
  • Local AV scan (if enabled)
  • Policy rules still apply. Adding not_listed and unknown policy rules help protect against zero-day malware.
  • A device offline will not benefit from new cloud reputation look-ups or cloud analytics.