Audit and Remediation APIs and Integrations
Carbon Black Cloud Audit and Remediation is the new name for the product formerly called CB LiveOps.
Introduction
Audit and Remediation is a real-time query and remediation solution that gives teams faster, easier access to audit and change the system state of endpoints across their organization.
By providing administrators with real-time query capabilities from a cloud-native endpoint protection platform, Audit and Remediation enables teams to make quick, confident decisions to improve their security posture. Audit and Remediation closes the gap between security and operations, allowing administrators to perform full investigations and take action to remotely remediate endpoints all from a single solution.
Audit and Remediation is built on the Carbon Black Cloud, the only cloud-native endpoint protection platform (EPP) that combines on-demand query functionality with advanced prevention, detection, and response.
Getting Started
Partners and customers can now perform any action available in the Audit and Remediation console programmatically via APIs.
This means users will now be able to integrate results from Audit and Remediation with the rest of their security stack to improve workflows and enable faster, more confident responses across all workloads in their environment.
For example, with the Audit and Remediation APIs, users can schedule queries to run on regular intervals and then use the results to automatically take action on devices
Postman Collection
Use the Postman Collection in the Carbon Black Workspace to make API calls using Postman.
All Documents
Latest
| Document | Release Date |
|---|---|
| Differential Analysis API v1 | July, 2022 |
| Live Query API v1 | January, 2020 |
Integrations
See our latest integrations that utilize the APIs to enhance customer workflows.
| Name | Description | Version | Release Date | Supported Products |
|---|---|---|---|---|
| CBC Python SDK | Provides an easy interface to connect with Carbon Black Cloud products. Use this SDK to more easily query and manage your endpoints, manipulate data as Python objects, and harness the full power of Carbon Black Cloud APIs. | 1.5.1 | 2024-01-30 | Platform Workload Enterprise EDR Endpoint Standard Audit and Remediation |
| Splunk App | Lets administrators bring alerts, events, audit logs, or vulnerability data from Carbon Black Cloud into their Splunk dashboard. | 1.1.10 | 2023-08-17 | Platform Workload Enterprise EDR Endpoint Standard Audit and Remediation |
Give Feedback
New survey coming soon!
Last modified on February 27, 2023