Cb Connectors/Integrations

Getting Started

Our API Bindings are written in Python 2. We recommend learning the basics of python before continuing. Python is very easy to learn. Here are some resources to help get you started.


To enable cross-product functionality, we have created connectors for various products and here is a list of all the Carbon Black connectors.

| Vendor | Type | |—————————|——| | |Cyphort | Binary Detonation | |LastLine | Binary Detonation | |VirusTotal | Binary Detonation | |VMRay | Binary Detonation | |WildFire | Binary Detonation | |Yara | Binary Detonation | |iSIGHT | Threat Intelligence | |STIX/TAXII | Threat Intelligence | |ThreatConnect | Threat Intelligence | |ThreatExchange | Threat Intelligence | |IBM Qradar | SIEM Integration | |Splunk Active Response App | SIEM Integration | |Fidelis | Orchestration | |FireEye | Orchestration | |InfoBlox | Orchestration | |IBM BigFix | Other | |Juniper Sky ATP | Other |

If you find any bugs and/or missing features, feel free to Contact Us or comment in the github repos.

Advanced Use Cases

Need something more advanced or requires talking to the Cb Response Messaging Bus? The Event Forwarder is used to forward events into a SIEM or custom framework using the Cb Response Messaging Bus, its source code is valuable for learning how to interface with the Cb Response Messaging Bus elegantly and efficiently. If you are doing something that can’t easily be mapped by one of integrations or example scripts, we’d love to hear about it. Feel free to contact us.

Integration Description
CbAPI - Python Python API
Cb Defense Syslog TLS Connector Forward Alert Notifications
Cb Response App for Splunk Splunk App
Duo SAML Login Provider Service 2-Factor Auth
Event Duplicator Duplicate Cb Response Events
Event Forwarder Connector/API Forward Events
Last modified on September 21, 2017