Pack Contributors:
- Fabio Dias
Contributions are welcome and appreciated. For more info, visit our Contribution Guide.
Carbon Black Cloud Enterprise EDR
- Details
- Content
- Dependencies
- Version History
Advanced threat hunting and incident response solution.
Pack Contributors:
- Fabio Dias
Contributions are welcome and appreciated. For more info, visit our Contribution Guide.
Integrations
| Name | Description |
|---|---|
| Carbon Black Enterprise EDR | VMware Carbon Black Enterprise EDR (formerly known as Carbon Black ThreatHunter) is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. (formerly known as ThreatHunter). |
Playbooks
| Name | Description |
|---|---|
| Carbon Black EDR Search Process | Deprecated. Use 'cb-eedr-process-search' command instead. |
Integrations
| Name | Description |
|---|---|
| Carbon Black Enterprise EDR | VMware Carbon Black Enterprise EDR (formerly known as Carbon Black ThreatHunter) is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. (formerly known as ThreatHunter). |
Playbooks
| Name | Description |
|---|---|
| Carbon Black EDR Search Process | Deprecated. Use 'cb-eedr-process-search' command instead. |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (6)
| Pack Name | Pack By |
|---|---|
| Cortex REST API | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
| Aggregated Scripts | By: Cortex XSOAR |
| Rasterize | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
1.1.38 - 1238470 (August 4, 2024)
- 35542
Download
Integrations
Carbon Black Enterprise EDR
- Fixed an issue where cb-eedr-list-alerts command failed if start and end arguments were not provided.
- Fixed an issue where cb-eedr-process-search command failed if event_id argument was specified.
- Updated the Docker image to: demisto/python3:3.11.9.105369.
- 35542
Download
1.1.34 - 1156543 (July 8, 2024)
- 34757
Download
Integrations
Carbon Black Enterprise EDR
- Updated the integration to match the new API version (v7) of Carbon Black.
Note: Breaking Change - The cb-eedr-list-alerts command no longer supports the alert_category, workflow, and group_results fields.
Note: Breaking Change - The cb-eedr-alert-workflow-update command no longer supports free text in remediation_state field, it is predefined. - Updated the Docker image to demisto/python3:3.10.14.101217.
Playbooks
Carbon Black EDR Search Process
Deprecated. Use cb-eedr-process-search command instead.
- 34757
Download
1.1.33 - 769959 (January 18, 2024)
1.1.16 - 2899700 (May 10, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.4.29342.
1.1.14 - 2674843 (March 30, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Added type validations and other internal code improvements.
1.1.13 - 2624637 (March 22, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.27636.
1.1.12 - 2452767 (February 22, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.26972.
1.1.11 - 2297077 (January 24, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.25933.
1.1.10 - 2182031 (December 30, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.9.25564.
1.1.9 - R2146019 (December 21, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.8.24399.
1.1.8 - 7640590 (September 16, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.1.7 - 7401319 (September 1, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.6.24019.
1.1.6 - 401343 (July 22, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.6.22912.
1.1.5 - 388541 (June 22, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.5.21272.
1.1.4 - 379915 (June 7, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.5.20958.
1.1.3 - 273092 (February 6, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Documentation and metadata improvements.
- Updated the Docker image to: demisto/python3:3.9.1.15759.
1.1.2 - R264879 (December 23, 2020)
Integrations
VMware Carbon Black Enterprise EDR
Maintenance and stability enhancements.
Updated docker image from 3.8.6.13358 to 3.8.6.14516.
1.1.1 - 199815 (November 25, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Fixed an issue where the sort_field argument had invalid options in the cb-eedr-list-alerts command.
- Upgraded the Docker image to demisto/python3:3.8.6.13358.
1.1.0 - R180529 (November 9, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.8.6.12176.
- Added 3 commands.
- cb-eedr-process-search
- cb-eedr-process-search-results
- cb-eedr-events-by-process-search
Playbooks
- Added the new generic polling playbook Carbon Black EDR Search Process, which enables you to search a process by query or parameters.
1.0.2 - R110616 (September 9, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Renamed the integration Carbon Black Enterprise EDR to VMware Carbon Black Enterprise EDR.
1.1.38 - 1238470 (August 4, 2024)
- 35542
Download
Integrations
Carbon Black Enterprise EDR
- Fixed an issue where cb-eedr-list-alerts command failed if start and end arguments were not provided.
- Fixed an issue where cb-eedr-process-search command failed if event_id argument was specified.
- Updated the Docker image to: demisto/python3:3.11.9.105369.
- 35542
Download
1.1.34 - 1156543 (July 8, 2024)
- 34757
Download
Integrations
Carbon Black Enterprise EDR
- Updated the integration to match the new API version (v7) of Carbon Black.
Note: Breaking Change - The cb-eedr-list-alerts command no longer supports the alert_category, workflow, and group_results fields.
Note: Breaking Change - The cb-eedr-alert-workflow-update command no longer supports free text in remediation_state field, it is predefined. - Updated the Docker image to demisto/python3:3.10.14.101217.
Playbooks
Carbon Black EDR Search Process
Deprecated. Use cb-eedr-process-search command instead.
- 34757
Download
1.1.33 - 769959 (January 18, 2024)
1.1.16 - 2899700 (May 10, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.4.29342.
1.1.14 - 2674843 (March 30, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Added type validations and other internal code improvements.
1.1.13 - 2624637 (March 22, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.27636.
1.1.12 - 2452767 (February 22, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.26972.
1.1.11 - 2316504 (January 27, 2022)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.10.1.25933.
1.1.10 - 2182031 (December 30, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.9.25564.
1.1.9 - R2146019 (December 21, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.8.24399.
1.1.8 - 7640590 (September 16, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.7.24076.
1.1.7 - 7401319 (September 1, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.9.6.24019.
1.1.6 - 401343 (July 22, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.6.22912.
1.1.5 - 388541 (June 22, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.5.21272.
1.1.4 - 379915 (June 7, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Upgraded the Docker image to: demisto/python3:3.9.5.20958.
1.1.3 - 273092 (February 6, 2021)
Integrations
VMware Carbon Black Enterprise EDR
- Documentation and metadata improvements.
- Updated the Docker image to: demisto/python3:3.9.1.15759.
1.1.2 - R264879 (December 23, 2020)
Integrations
VMware Carbon Black Enterprise EDR
Maintenance and stability enhancements.
Updated docker image from 3.8.6.13358 to 3.8.6.14516.
1.1.1 - 199815 (November 25, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Fixed an issue where the sort_field argument had invalid options in the cb-eedr-list-alerts command.
- Upgraded the Docker image to demisto/python3:3.8.6.13358.
1.1.0 - R180529 (November 9, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Updated the Docker image to: demisto/python3:3.8.6.12176.
- Added 3 commands.
- cb-eedr-process-search
- cb-eedr-process-search-results
- cb-eedr-events-by-process-search
Playbooks
- Added the new generic polling playbook Carbon Black EDR Search Process, which enables you to search a process by query or parameters.
1.0.2 - R110616 (September 9, 2020)
Integrations
VMware Carbon Black Enterprise EDR
- Renamed the integration Carbon Black Enterprise EDR to VMware Carbon Black Enterprise EDR.
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | September 9, 2020 | |
| Last Release | March 23, 2026 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
