Cb Connectors/Integrations

Getting Started

Our API Bindings are written in Python 2. We recommend learning the basics of python before continuing. Python is very easy to learn. Here are some resources to help get you started.

Connectors

To enable cross-product functionality, we have created connectors for various products and here is a list of all the Carbon Black connectors.

Vendor Type
Cyphort Binary Detonation
LastLine Binary Detonation
VirusTotal Binary Detonation
VMRay Binary Detonation
WildFire Binary Detonation
Yara Binary Detonation
iSIGHT Threat Intelligence
STIX/TAXII Threat Intelligence
ThreatConnect Threat Intelligence
ThreatExchange Threat Intelligence
IBM Qradar SIEM Integration
Splunk Active Response App SIEM Integration
Fidelis Orchestration
FireEye Orchestration
InfoBlox Orchestration
IBM BigFix Other
Juniper Sky ATP Other

If you find any bugs and/or missing features, feel free to Contact Us or comment in the github repos.

Advanced Use Cases

Need something more advanced or requires talking to the Cb Response Messaging Bus? The Event Forwarder is used to forward events into a SIEM or custom framework using the Cb Response Messaging Bus, its source code is valuable for learning how to interface with the Cb Response Messaging Bus elegantly and efficiently. If you are doing something that can’t easily be mapped by one of integrations or example scripts, we’d love to hear about it. Feel free to contact us.

Integration Description
CbAPI - Python Python API
Cb Defense Syslog TLS Connector Forward Alert Notifications
Cb Response App for Splunk Splunk App
Duo SAML Login Provider Service 2-Factor Auth
Event Duplicator Duplicate Cb Response Events
Event Forwarder Connector/API Forward Events
Last modified on September 21, 2017