Back to Blogs
Announcing VMware Carbon Black Cloud App v1.0.0 for Splunk SOAR
Announcing VMware Carbon Black Cloud App v1.0.0 for Splunk SOAR
Posted on January 18, 2023
Carbon Black Cloud Integration with Splunk SOAR
We are proud to announce the first release of a unified integration connecting the VMware Carbon Black Cloud platform with Splunk SOAR. Through this application, customers can integrate Carbon Black Cloud actions and data into Splunk SOAR workflows using a single application. Additionally, customers can integrate their endpoint protection platform functionality either directly from the Carbon Black Cloud, or from Splunk SIEM (using the Splunk App for Splunk SOAR), and eliminate the need for outdated or custom-built integrations.
Features:
- Ingest CBC Alerts either directly via the REST API or via Splunk Enterprise via the Splunk app for Splunk SOAR
- Over 30 SOAR actions that can be used in custom playbooks tailored to the customer’s environment or use case, including Live Response actions that are executed on the endpoints
- Example playbooks that can be readily deployed
Benefits:
- Orchestrate and automate Carbon Black Cloud actions
- Operationalize your Carbon Black Cloud data with speed and confidence
- Reduce pivoting between consoles by integrating endpoint context and response actions directly into the Splunk SOAR console
Resources:
Have questions or feedback?
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community
- Report bugs and change requests to Carbon Black Support