VMworld and Code Connect Sessions

Back to Blogs

Posted on October 5, 2021

On October 5th - 6th 2021, VMware will host VMworld, including Code Connect.

During this event there will be several sessions to help customers leverage the full power of the Carbon Black Cloud through open APIs and technical integrations. After the live portion of the event has passed, you can still register to access the sessions on-demand. The following session highlight interesting ways to use Carbon Black Cloud APIs, the Python SDK and integrations.

Operationalizing Carbon Black Cloud for the Modern SOC

In the VMworld 2021 session Operationalizing Carbon Black Cloud for the Modern SOC - 1148, Bruce Deakyne and Ryan Fortress provide an overview of key Security Orchestration, Automation, and Response (SOAR) workflows that can be implemented using the Carbon Black Cloud and open-source orchestration tools.

The demo leverages the Carbon Black Cloud Python SDK with a Jupyter Notebook to implement common Context, Remediation, and Orchestration SOAR actions. End-to-end security workflows, such as credential scraping and malware, tie these actions together.

Learn More

Integrating IBM QRadar with Carbon Black Cloud

In the session Integrating IBM QRadar with Carbon Black Cloud - CODE2781 Milen Rangelov will demonstrate how to use QRadar to import Carbon Black Cloud data and view it alongside alerts from other system, triage the alerts and initiate actions in Carbon Black Cloud from QRadar. This presentation will go through the types of data that can be brought from Carbon Black Cloud to QRadar and the actions available.

Automating Ransomware Remediation

In the session Automating Ransomware Remediation with the VMware Carbon Black Cloud SDK - CODE2782 join Emanuela Mitreva and and Alex Van Brunt to see the Carbon Black Cloud Python SDK in action to automate and script default actions to collect the events associated with the alert and quarantine the device, then use Live Response to delete the known malware.