Carbon Black Cloud Enterprise EDR

Details
Content
Dependencies
Version History

Advanced threat hunting and incident response solution.

Playbooks

Name	Description
Carbon Black EDR Search Process	Use this playbook to search processes in Carbon Black Enterprise EDR. This playbook implements polling by continuously running the `cb-eedr-process-search-results` command until the operation completes.

Integrations

Name	Description
VMware Carbon Black Enterprise EDR	VMware Carbon Black Enterprise EDR (formerly known as Carbon Black ThreatHunter) is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. (formerly known as ThreatHunter)

Playbooks

Name	Description
Carbon Black EDR Search Process	Use this playbook to search processes in Carbon Black Enterprise EDR. This playbook implements polling by continuously running the `cb-eedr-process-search-results` command until the operation completes.

Integrations

Name	Description
VMware Carbon Black Enterprise EDR	VMware Carbon Black Enterprise EDR (formerly known as Carbon Black ThreatHunter) is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. (formerly known as ThreatHunter)

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (5)

Pack Name	Pack By
Filters And Transformers	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
MITRE ATT&CK	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

1.1.27 - 4885523 (March 23, 2023)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.10.49934.

Related pull requests:
- 25474

Download

1.1.26 - R4718798 (March 1, 2023)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 24908

Download

1.1.25 - R4646022 (February 19, 2023)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.9.40422.

Related pull requests:
- 23177

Download

1.1.24 - R4247670 (December 19, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.8.39276.

Related pull requests:
- 22668

Download

1.1.23 - R4150463 (December 4, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 22175

Download

1.1.22 - 4013107 (November 10, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.8.37233.

Related pull requests:
- 22139

Download

1.1.21 - 3824820 (October 12, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.7.35188.

Related pull requests:
- 21670

Download

1.1.20 - 3649843 (September 13, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.6.33415.

Related pull requests:
- 21087

Download

1.1.19 - 3427401 (August 9, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.5.31928.

Related pull requests:
- 20387

Download

1.1.18 - 3243583 (July 11, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.5.31797.

Related pull requests:
- 19981

Download

1.1.17 - 3080614 (June 13, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.4.30607.

Related pull requests:
- 19515

Download

1.1.16 - 2899700 (May 10, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.4.29342.

Download

1.1.15 - 2784849 (April 19, 2022)

WARNING: This version is invalid. Please install a different version.

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.4.28442.

Related pull requests:
- 20109
- 18584

Download

1.1.14 - 2674843 (March 30, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Added type validations and other internal code improvements.

Download

1.1.13 - 2624637 (March 22, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.1.27636.

Download

1.1.12 - 2452767 (February 22, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.1.26972.

Download

1.1.11 - 2297077 (January 24, 2022)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.10.1.25933.

Download

1.1.10 - 2182031 (December 30, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.9.9.25564.

Download

1.1.9 - R2146019 (December 21, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.9.8.24399.

Download

1.1.8 - 7640590 (September 16, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.9.7.24076.

Download

1.1.7 - 7401319 (September 1, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.9.6.24019.

Download

1.1.6 - 401343 (July 22, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Upgraded the Docker image to: demisto/python3:3.9.6.22912.

Download

1.1.5 - 388541 (June 22, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Upgraded the Docker image to: demisto/python3:3.9.5.21272.

Download

1.1.4 - 379915 (June 7, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Upgraded the Docker image to: demisto/python3:3.9.5.20958.

Download

1.1.3 - 273092 (February 6, 2021)

Integrations

VMware Carbon Black Enterprise EDR

Documentation and metadata improvements.
Updated the Docker image to: demisto/python3:3.9.1.15759.

Download

1.1.2 - R264879 (December 23, 2020)

Integrations

VMware Carbon Black Enterprise EDR

Maintenance and stability enhancements.
Updated docker image from 3.8.6.13358 to 3.8.6.14516.

Download

1.1.1 - 199815 (November 25, 2020)

Integrations

VMware Carbon Black Enterprise EDR

Fixed an issue where the sort_field argument had invalid options in the cb-eedr-list-alerts command.
Upgraded the Docker image to demisto/python3:3.8.6.13358.

Download

1.1.0 - R180529 (November 9, 2020)

Integrations

VMware Carbon Black Enterprise EDR

Updated the Docker image to: demisto/python3:3.8.6.12176.
Added 3 commands.
- cb-eedr-process-search
- cb-eedr-process-search-results
- cb-eedr-events-by-process-search

Playbooks

Added the new generic polling playbook Carbon Black EDR Search Process, which enables you to search a process by query or parameters.

Download

1.0.2 - R110616 (September 9, 2020)

Integrations

VMware Carbon Black Enterprise EDR

Renamed the integration Carbon Black Enterprise EDR to VMware Carbon Black Enterprise EDR.

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	September 9, 2020
Last Release	March 23, 2023

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.