Applies To: Carbon Black Cloud Endpoint Standard
Carbon Black Cloud Endpoint Standard (formerly called CB Defense) is a Next-Generation Antivirus (NGAV) and Endpoint Detection and Response (EDR) solution that protects against the full spectrum of modern cyber-attacks. NGAV uses machine learning and behavioral models to analyze endpoint activity and uncover malicious behavior to stop all types of attacks before they reach critical systems.
EventTracker integrates Carbon Black Cloud Endpoint Standard logging through the REST API and provides reports, knowledge objects, and dashboards for all generated events, including attacks, network connections, registry access, file auditing, etc.
Once CB Defense is configured to deliver events to EventTracker Manager, knowledge objects, dashboards, and reports can be configured in EventTracker.
The configuration details in this guide are consistent with EventTracker version 9.x and later, and Carbon Black Cloud Endpoint Standard.
For more information, please refer to the Integration Guide.
To configure Carbon Black Cloud Endpoint Standard to send logs to EventTracker, refer to the How-to Guide.