Carbon Black Cloud Integrations


Partner Integrations

Carbon Black Cloud Integrations

Name Description Version Release Date Supported Products
Binary Toolkit Lets you integrate between Carbon Black Cloud Enterprise EDR and a binary analysis engine, like YARA. 1.1.0 2020-11-20 Enterprise EDR
CBC Python SDK Provides an easy interface to connect with Carbon Black Cloud products. Use this SDK to more easily query and manage your endpoints, manipulate data as Python objects, and harness the full power of Carbon Black Cloud APIs. 1.5.6 2024-07-26 Platform
Workload
Enterprise EDR
Endpoint Standard
Audit and Remediation
CarbonCLI Powershell CLI for managing Carbon Black Cloud resources 1.0 2024-03-26 Platform
Enterprise EDR
Data Forwarder Built in to the Carbon Black Cloud platform; Delivers Alert, Event and Watchlist Hit data to an AWS S3 bucket, ready for consumption by third-party solutions. N/A 2020 Platform
Workload
Enterprise EDR
Endpoint Standard
QRadar App Configures a connection in QRadar to ingest alerts, audit logs, and events from Carbon Black Cloud using the Data Forwarder and APIs into IBM QRadar. Actions such as quarantining devices and adding IOCs to watchlists can be initiated in QRadar to take effect in Carbon Black Cloud. 2.3.0 2024-06-05 Platform
Workload
Enterprise EDR
Endpoint Standard
Service Now:
ITSM App
SecOps App
Vulnerability Response (VR) App
Ingest Alerts and Vulnerabilities from Carbon Black Cloud to Service Now and automatically create Service Now incidents to track the resolution. A large set of actions such as quarantining devices are available to be initiated in ServiceNow and take effect in Carbon Black Cloud. ITSM App: 3.0.0
SecOps App: 3.0.0
VR: 2.0.0
2024-03 Platform
Workload
Enterprise EDR
Endpoint Standard
Splunk SIEM App Lets administrators bring alerts, events, audit logs, or vulnerability data from Carbon Black Cloud into their Splunk dashboard. 2.2.x 2023-08-17 Platform
Workload
Enterprise EDR
Endpoint Standard
Audit and Remediation
Splunk SOAR App Configures a connection in Splunk SOAR to ingest alerts from Carbon Black Cloud using the REST APIs. Actions can be initiated in Splunk SOAR to take effect in Carbon Black Cloud. 2.0.0 2024-02-12 Platform
Enterprise EDR
Endpoint Standard Audit and Remediation
Syslog Connector Lets administrators forward alerts and audit logs from their Carbon Black Cloud instance to local, on-premise systems. 2.0.3 2024-03-25 Platform
Enterprise EDR
Endpoint Standard
Threat Intelligence Connector A python connector for ingesting and processing STIX Content from various third party sources, such as TAXII servers or directly from XML or JSON files. 1.10 2024-07-25 Enterprise EDR
DEPRECATED
Zscaler Sandbox Connector
This integration is deprecated and no longer maintained.

Scans files from Carbon Black Cloud Endpoint Standard or Enterprise EDR that come through the network before they reach the endpoint.
1.1 2021-12-06 Enterprise EDR
Endpoint Standard

Last modified on July 26, 2024