Enterprise EDR Integrations
Connectors and SDKs
Binary Toolkit - lets you integrate between Carbon Black Cloud Enterprise EDR and a binary analysis engine, like YARA.
CBC Python SDK - provides an easy interface to connect with Carbon Black Cloud products. Use this SDK to more easily query and manage your endpoints, manipulate data as Python objects, and harness the full power of Carbon Black Cloud APIs.
Data Forwarder - built in to the Carbon Black Cloud platform, delivers Alert, Event and Watchlist Hit data to an AWS S3 bucket, ready for consumption by third-party solutions. This can be configured from the Carbon Black Cloud console, and information is also included in the User Guide.
Splunk App - lets administrators bring alerts, events, audit logs, or vulnerability data from Carbon Black Cloud into their Splunk dashboard.
Syslog Connector - lets administrators forward alert notifications and audit logs from their Carbon Black Cloud instance to local, on-premise systems.
Threat Intel Module - lets you integrate between Carbon Black Cloud Enterprise EDR and a threat intelligence source, with an example for STIX/TAXII to import intel into Enterprise EDR Feeds.