CB LiveOps API

As of January 2020, CB LiveOps is now called Audit and Remediation. All documentation will be updated in the coming months to reflect our new product names.


CB LiveOps is a real-time query and remediation solution that gives teams faster, easier access to audit and change the system state of endpoints across their organization.

By providing administrators with real-time query capabilities from a cloud-native endpoint protection platform, CB LiveOps enables teams to make quick, confident decisions to improve their security posture. CB LiveOps closes the gap between security and operations, allowing administrators to perform full investigations and take action to remotely remediate endpoints all from a single solution.

CB LiveOps is built on the Carbon Black Cloud, the only cloud-native endpoint protection platform (EPP) that combines on-demand query functionality with advanced prevention, detection, and response.

Getting Started

Partners and customers can now perform any action available in the CB LiveOps console programmatically via APIs.

This means users will now be able to integrate results from CB LiveOps with the rest of their security stack to improve workflows and enable faster, more confident responses across all workloads in their environment.

For example, with the CB LiveOps APIs, users can schedule queries to run on regular intervals and then use the results to automatically take action on devices

All Documents


Document Release Date
LiveQuery REST API v1 January, 2020
Last modified on May 5, 2020