Skip to main content

Carbon Black Endpoint Standard

Download With Dependencies

Next-generation antivirus + EDR in one cloud-delivered platform that stops commodity malware, advanced malware, non-malware attacks and ransomware.

Cyber attackers are developing and innovating faster than traditional defenses can withstand. VMware Carbon Black Endpoint Standard (formerly known as Carbon Black Defense) analyzes endpoint data and uncovers malicious activity to stop all types of attacks before they reach critical systems.

What does this pack do?

The Carbon Black Endpoint Standard integration provides commands that enable you to:

  • Get details about the events that led to an alert.
  • Search devices in your organization.
  • Create a process search job.
  • Get a list of policies available in your organization.
  • Create, delete, and update policies.
  • Retrieve detail fields for enriched events.
  • Quarantine a device.
  • Start a background scan on a device.

This pack includes the following playbooks:

  • Carbon Black Defense Find Events: Finds events using a search query.
  • Carbon Black Defense Find Event Details: Receives event IDs and returns details about the event.
  • Carbon Black Defense Find Processes: Finds processes using a search query.




Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByCortex
CreatedNovember 9, 2020
Last ReleaseSeptember 12, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.