Why are the Geographical IP (GeoIP) locations shown in some Events incorrect when reviewing the IP Address data via external GeoIP sources?

The Carbon Black Cloud leverages a third-party service for GeoIP look-ups. GeoIP services are able to resolve to the right city or location most of the time, but GeoIP look-ups are never completely accurate. In some cases the location shown for an Event will be significantly different from what can be found checking GeoIP Location services directly.

We are unable to share which third-party service is being used, as the provider may be changed to address any issues.
We continue to work with our GeoIP provider to show as accurate information as possible. Unfortunately, there will always be cases where the GeoIP data is inaccurate due to the innate nature of GeoIP which is especially true in relation to the newer IPv6 protocol.