Endpoint MDR – XDR Service Add-on for Carbon Black

The XDR Service Add-On for Carbon Black provides continuous monitoring, detection, investigation, and response to security threats generated by in-scope devices with Microsoft Defender for XDR deployed. This service is intended to be delivered in conjunction with DeepSeas Endpoint MDR to maximize visibility and security across the Client's devices.

• Continuous ingestion and correlation of security telemetry within Carbon Black
• Analyst-led triage to distinguish true threats from false positives
• Execution of response actions and escalation in accordance with agreed runbook

• Carbon Black Standard and Carbon Black Enterprise are licensed, deployed, and properly configured
• Carbon Black XDR is licensed, deployed, and properly configured
• Required data sources and integrations are accessible to the service team

• Maintain valid Carbon Black XDR licensing
• Maintain required tenant console access to DeepSeas personnel
• Approve response runbook