Security Connect Sessions Available On-Demand
Posted on June 24, 2021
On June 3rd, VMware hosted Security Connect, an event focused on our security community and the tools they use to deliver security to their organizations. During this event, several sessions were provided that help customers leverage the full power of the Carbon Black Cloud through open APIs and technical integrations.
Even though the live portion of the event has passed, you can still register today to access the sessions on-demand until early September. Check them out while you still can! Sessions highlighting Carbon Black Cloud APIs and integrations are listed below:
Automated Threat Hunting and Incident Response Use Cases with Carbon Black Cloud and SIEM
With the latest release of the VMware Carbon Black Cloud App for Splunk, we’ve consolidated key features from our platform into a single integrated solution that streamlines SIEM and SOAR workflows between Splunk and the VMware Carbon Black Cloud. This session will provide an overview of key threat hunting and incident response use cases that can be accomplished using the built-in adaptive response actions and dashboards in the latest Splunk App or using your SIEM tool.
For more information about our latest Splunk app and threat hunting use cases, check out this blog on the same topic.
Choosing Your Developer Toolkit
Learning an API can extend your ability to complete simple tasks at scale, but they can take time to master and operationalize. In this session, Bruce Deakyne, Sr. Product Manager, and Alex Van Brunt, SBU Developer Relations, discuss the tools available to security practitioners to operationalize the VMware Carbon Black Cloud functionality through other tools and dashboards. Hear the latest updates and enhancements that have been made to VMware Carbon Black Cloud’s open APIs and developer tools, including the VMware Carbon Black Cloud python SDK.
For more information about the latest release of the Carbon Black Cloud python SDK, check out the github repo about the latest enhancements.
Implementing Query Packs via Audit & Remediation APIs
To fully see the benefit of Audit & Remediation, organizations must move past running a bunch of individual queries in the GUI and leverage the API. This session provide an overview of automating help desk operations by creating a website that would take a request, run a number of queries against a specific endpoint, and the write the output of all the queries to a webpage. Learn how the help desk analyst, with all the vital information at hand, can do a great deal of troubleshooting and make the whole process more efficient and effective.
Operationalizing Carbon Black Cloud for the Modern SOC
For modern SOC teams, automation and orchestration are key to enable speed and accuracy throughout day-to-day operations. In this session, Sr. Tech Alliances Engineer Ryan Fortress and Sr. Product Manager Bruce Deakyne will provide an overview of key Security Orchestration, Automation, and Response (SOAR) workflows that can be implemented using the Carbon Black Cloud and open-source orchestration tools. These use cases can be implemented in any environment using your orchestration tool of choice to accelerate, standardize and scale common security workflows spanning multiple tools.
To leverage these workflows in your own environment, check out this post in our Community Showcase.