Posted: 5 Min ReadProduct Insights

The EDR That Became Legend

From humble beginnings to unparalleled hits, Carbon Black helped create a chart-topping category

We’re 25 years into the 21st century, yet today’s security landscape echoes much of the same uncertainty and challenges of the early 2000s. Back then, security teams lacked comprehensive, real-time visibility into endpoint activity, making breaches harder to detect and leaving organizations vulnerable for months. This meant unrelenting malware attacks, operational downtime and billions of dollars in mitigations.

It was in the face of this adversity that a legend was born—Carbon Black Endpoint Detection and Response (EDR). Forged through innovation and a commitment to redefining endpoint security, Carbon Black transformed the cybersecurity industry by creating a category. 

Keep reading to discover Carbon Black EDR’s epic evolution, from inception to becoming an industry-leading solution through the milestones, key features and recognitions that made Carbon Black legendary. 

The genesis of a legend: Carbon Black’s origins 

Carbon Black’s journey began (and then evolved) like many others in the tech and cybersecurity space—as a culmination of innovative problem solving and strategic acquisitions. It begins with a company called Bit9, founded in 2002 on a U.S. government hunch that traditional, “negative” security models couldn’t keep up, but a zero trust, positive security model could protect against skyrocketing threats and vulnerabilities. Organizations needed a way to whitelist their mission-critical applications, and Bit9 offered just the solution.

In 2011, a team of former NSA offensive hackers founded Carbon Black, and introduced a groundbreaking concept: proactively recording endpoint activity. Through comprehensive visibility during investigations, security teams could hunt for threats that may have sidestepped frontline protections like antivirus scans before they became a problem. The subsequent merger of Bit9 and Carbon Black marked a pivotal union of protection with visibility. And with it, the landscape of security changed. 

Key Milestones

  • 2002: Bit9 is founded and offers a way for organizations to whitelist applications. 

  • 2011: Carbon Black is formed, delivering the industry’s first EDR solution.

  • 2014: Bit9 merges with Carbon Black, shifting their focus to EDR, and ultimately creating a new market.

  • 2016: Carbon Black acquires Confer to expand its capabilities with NGAV and cloud-native solutions. 

  • 2018: Carbon Black goes public under the Nasdaq exchange ticker “CBLK.”

  • 2019: VMware acquires Carbon Black for $2.1 billion, integrating it into VMware’s security offerings. 

  • 2023: Broadcom acquires VMware, and with it, Carbon Black.

  • 2024: Two industry legends, Symantec and Carbon Black unite forces to form Broadcom’s new  Enterprise Security Group. 

And the rest is history.

Power chords: Carbon Black EDR’s epic capabilities

You don’t pioneer an entire market without hitting a few home runs in product capability, functionality and efficacy. And Carbon Black EDR offers a laundry list of capabilities for teams looking to add a second layer of defense to their environment. Our legendary EDR solution gives security teams customizable defenses and crystal-clear visibility, so they can detect and respond to advanced, globalized threats in real time. Sophisticated malware and stealthy cybercriminals can be sussed out, leaving them nowhere to hide thanks to a few key features. 

Continuous and centralized recording

Reduce investigation time to mere minutes. By centralizing access to continuously collected data, we’ve taken endpoint monitoring to a whole new level. Continuous recording ensures security professionals have all the information they need for real-time threat hunting and thorough investigations after a breach. 

Attack chain visualization and search 

Prevent alert fatigue like you mean it. Our intuitive attack chain visualizations can help your team quickly understand how an attack happened, close security gaps and learn valuable lessons from each incident. It’s all about putting the power back where it belongs—in the hands of your security analysts. 

Live response for remote remediation

Secure endpoints from anywhere. Because threats hound endpoints in and out of the office perimeters (and because SecOps teams increasingly work from anywhere), remote remediation is a game changer. Carbon Black’s live response capabilities empower incident responders to establish secure connections to infected hosts to pull or push files, stop processes, perform memory dumps and eliminate threats from anywhere in the world. 

Automation and open APIs

Make life a little easier. With an open platform and a rich ecosystem of partners Carbon Black EDR integrates seamlessly into your existing security stack. Automating repetitive tasks reduces the learning curve for new security analysts and lets your security team focus on staying ahead of threats while strengthening defenses. 

Carbon Black EDR in the wild: A 427% ROI

Organizations that rock with Carbon Black’s solutions demonstrated significant cost savings, avoided downtime due to data breaches and enhanced security operations efficiency, according to Forrester's Total Economic Impact (TEI) report. With a 75% reduction in mean time to resolution (MTTR), it’s no wonder our legendary solutions lead to composite organizations experiencing benefits of a 427% return on investment (ROI).

“This tool has enabled the team to become much more productive. They can monitor a lot more things. We’re not reactive anymore. We are proactive.” —Network support services manager, educational system (Source: Forrester Total Economic Impact Report)

Game recognizes game 

Over the years Carbon Black has earned numerous accolades, including: 

These awards serve as a confirmation of what we already knew: We are the EDR Champions. As a trusted leader in cybersecurity and EDR, we are trusted by the world’s most targeted organizations because of our industry-defining innovation, reliability and value. 

The legend lives on 

From our origins as a pioneer in next-generation EDR technology, Carbon Black continues to evolve to meet the demands of a dynamic and exceedingly complex cybersecurity landscape. And together, Symantec and Carbon Black are stronger than ever—our close partnership and evolving portfolio integration makes for legendary solutions that out-feature and out-perform the status quo solutions. Our combined portfolio is designed to meet you where you are. 

Ready to turn up your defenses? Get your copy of the eBook, How to feel more secure about EDR to find out what to look for in an EDR solution that, at least within your organization, will help you write your own legends.

Symantec Enterprise Blogs
You might also enjoy
4 Min Read

5 Signs That You’re Ready for EDR

How to tell you need a second line of defense

Symantec Enterprise Blogs
You might also enjoy
5 Min Read

3 Steps to Win Quickly With Carbon Black App Control

Start fast and strong as you implement default/deny

About the Author

Alisha Smith

Head of Product Marketing, Enterprise Security Group at Broadcom

Alisha Smith is the head of product marketing for Broadcom’s Enterprise Security Group, which offers cybersecurity solutions from Symantec and Carbon Black.

Want to comment on this post?

We encourage you to share your thoughts on your favorite social platform.