Cyber attackers are developing and innovating faster than traditional defenses can withstand. VMware Carbon Black Endpoint Standard (formerly known as Carbon Black Defense) analyzes endpoint data and uncovers malicious activity to stop all types of attacks before they reach critical systems.
What does this pack do?
The Carbon Black Endpoint Standard integration provides commands that enable you to:
- Get details about the events that led to an alert.
- Search devices in your organization.
- Create a process search job.
- Get a list of policies available in your organization.
- Create, delete, and update policies.
- Retrieve detail fields for enriched events.
- Quarantine a device.
- Start a background scan on a device.
This pack includes the following playbooks:
- Carbon Black Defense Find Events: Finds events using a search query.
- Carbon Black Defense Find Event Details: Receives event IDs and returns details about the event.
- Carbon Black Defense Find Processes: Finds processes using a search query.