| Name | Description | Version | Release Date | Supported Products |
|---|---|---|---|---|
| Binary Toolkit | Lets you integrate between Carbon Black Cloud Enterprise EDR and a binary analysis engine, like YARA. | 1.1.0 | 2020-11-20 | Enterprise EDR |
| QRadar App | Configures a connection in QRadar to ingest alerts, audit logs, and events from Carbon Black Cloud using the Data Forwarder and APIs into IBM QRadar. Actions such as quarantining devices and adding IOCs to watchlists can be initiated in QRadar to take effect in Carbon Black Cloud. | 2.3.0 | 2024-06-05 | Platform Workload Enterprise EDR Endpoint Standard |
| Service Now: ITSM App SecOps App Vulnerability Response (VR) App |
Ingest Alerts and Vulnerabilities from Carbon Black Cloud to Service Now and automatically create Service Now incidents to track the resolution. A large set of actions such as quarantining devices are available to be initiated in ServiceNow and take effect in Carbon Black Cloud. | ITSM App: 3.0.0 SecOps App: 3.0.0 VR: 2.0.0 |
2024-03 | Platform Workload Enterprise EDR Endpoint Standard |
| Splunk SIEM App | Lets administrators bring alerts, events, audit logs, or vulnerability data from Carbon Black Cloud into their Splunk dashboard. | 2.2.x | 2023-08-17 | Platform Workload Enterprise EDR Endpoint Standard Audit and Remediation |
| Splunk SOAR App | Configures a connection in Splunk SOAR to ingest alerts from Carbon Black Cloud using the REST APIs. Actions can be initiated in Splunk SOAR to take effect in Carbon Black Cloud. | 2.0.0 | 2024-02-12 | Platform Enterprise EDR Endpoint Standard Audit and Remediation |
| Threat Intelligence Connector | A python connector for ingesting and processing STIX Content from various third party sources, such as TAXII servers or directly from XML or JSON files. | 1.10 | 2024-07-25 | Enterprise EDR |
| Name | Description | Recommended Use Cases |
|---|---|---|
| Carbon Black Cloud Python SDK | Provides an easy interface to connect with Carbon Black Cloud products. Use this SDK to more easily query and manage your endpoints, manipulate data as Python objects, and harness the full power of Carbon Black Cloud APIs. | |
| Carbon Black Cloud API Documentation | Provides information on how to utilize the Carbon Black Cloud APIs directly to build custom integrations and seamlessly connect with your existing security suite. | |
| Carbon Black Cloud Postman Collection | Provides an easy interface to call the Carbon Black Cloud APIs without no scripting or coding knowledge required. |