Reputation Override APIs now available for Endpoint Standard
Posted on January 26, 2021
What is it?
The Reputation Overrides API is now available for Endpoint Standard customers. The Reputation Overrides API enables customers and partners to automate the management of hashes, certificates and IT Tools to their organization’s Allow List or Banned List.
The operations you perform with this API are reflected in the Reputations page in the CBC console, and in the Deny/Block, Terminate or Allow reactions performed by Endpoint Standard sensors.
Who is it for?
Carbon Black Cloud Endpoint Standard customers only.
This API will be supported for customers who have Enterprise EDR in the coming months. Until then, Enterprise EDR-only customers can manage their organization’s reputation overrides, but those reputation override configurations will have no effect on CBC sensor enforcement of banned hashes.
What can you do with it?
Actions you can take include adding, editing, deleting, searching and exporting of reputation override records for your organization.
Please note: The values used on request and response for the sha256 field are currently named BLACK_LIST and WHITE_LIST; they will be updated later this year in accordance with our Eliminating Offensive Terminology announcement last year.
This API will be integrated shortly into the Reputation page on the Carbon Black Cloud console.
Where do I go to get started?
See the Reputation Override API documentation for instructions on authenticating and more.
Endpoint Standard: Reputation Priority
Carbon Black Cloud: How to Utilize IT Tools Allow list Feature