Posted on July 18, 2022
Customers with Carbon Black Cloud Audit & Remediation can now perform differential analysis on scheduled queries using the Differential Queries API. This feature will allow users to answer the question, “What has changed since the last time this query ran?”
The Differential Analysis API enables users to only view changes to the results of scheduled queries between different sessions, saving time and manual effort by making it easier to track system changes over time. This release automates a formerly manual process so that analysts can spend less time identifying devices for remediation and more time remediating the devices that are out of compliance.
Carbon Black Cloud Audit & Remediation provides osquery functionality directly within the Carbon Black Cloud console, enabling users to ask questions and take action on their endpoints and workloads in real time. Audit & Remediation helps quickly answer questions about IT hygiene, compliance with internal and external guidelines, and respond directly with the ability to remotely update system configurations.
Differential Analysis can be used to monitor files, folders, and registry keys with a low probability for change to identify indicators of compromise, including: