Deprecated. Use the cbp-fileRule-createOrUpdate command instead.
Carbon Black Enterprise Protection
- Details
- Content
- Dependencies
- Version History
Carbon Black Enterprise Protection is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform.
Automations
| Name | Description |
|---|---|
| CBPBanHash | |
| CBPCatalogFindHash | Search the CBP/Bit9 file catalog for an md5 hash. |
| CBPFindComputer | Find a computer in CBEP/Bit9. |
| CBPApproveHash | Deprecated. Use the cbp-fileRule-createOrUpdate command instead. |
| CBPFindRule | Find the rule state for a hash value in CBEP/Bit9. |
Integrations
| Name | Description |
|---|---|
| VMware Carbon Black App Control v2 | VMware Carbon Black App Control (formerly known as Carbon Black Enterprise Protection) is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform. This integration only supports Carbon Black on-premise APIs. |
Playbooks
| Name | Description |
|---|---|
| Carbon black Protection Rapid IOC Hunting | Hunt for endpoint activity involving hash and domain IOCs, using Carbon black Protection (Bit9). |
| Search Endpoints By Hash - Carbon Black Protection | Hunt for endpoint activity involving hash IOCs, using Carbon Black Protection. |
Automations
| Name | Description |
|---|---|
| CBPApproveHash | Deprecated. Use the cbp-fileRule-createOrUpdate command instead. |
| CBPFindRule | Find the rule state for a hash value in CBEP/Bit9. |
| CBPBanHash | Deprecated. Use the cbp-fileRule-createOrUpdate command instead. |
| CBPFindComputer | Find a computer in CBEP/Bit9. |
| CBPCatalogFindHash | Search the CBP/Bit9 file catalog for an md5 hash. |
Integrations
| Name | Description |
|---|---|
| VMware Carbon Black App Control v2 | VMware Carbon Black App Control (formerly known as Carbon Black Enterprise Protection) is a next-generation endpoint threat prevention solution to deliver a portfolio of protection policies, real-time visibility across environments, and comprehensive compliance rule sets in a single platform. This integration only supports Carbon Black on-premise APIs. |
Playbooks
| Name | Description |
|---|---|
| Search Endpoints By Hash - Carbon Black Protection | Hunt for endpoint activity involving hash IOCs, using Carbon Black Protection. |
| Carbon black Protection Rapid IOC Hunting | Hunt for endpoint activity involving hash and domain IOCs, using Carbon black Protection (Bit9). |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (3)
| Pack Name | Pack By |
|---|---|
| Common Scripts | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
1.0.37 - 6035467 (August 13, 2023)
1.0.36 - R5866730 (July 25, 2023)
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | December 29, 2020 | |
| Last Release | July 2, 2024 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
