Back to Blogs

Announcing VMware Carbon Black Extended Detection and Response (XDR)

Posted on March 15, 2023

VMware Carbon Black Extended Detection and Response (XDR) greatly enhances lateral security by leveraging telemetry. Security teams can leverage VMware Carbon Black XDR to quickly identify threats across their environment and make better-informed decisions in applying prevention policies.

You can visualize and analyze relevant network data. For example:

  • Signatures of network connections (JA3 and JA3S thumbprints)
  • Network intrusion detection
  • Security wrapper details (TLS data)
  • Signer of certificate (encryption - TLS data)
  • HTTP details


  • XDR is an add-on to Carbon Black Enterprise EDR
  • Auth Events is included with Carbon Black Enterprise EDR
  • Both require the Carbon Black Cloud Windows Sensor 3.9.1 MR1+

API Information


Have questions or feedback?