Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB Response 7.2 User Guide

CB Response 7.2 User Guide

Important: This documentation is being posted before general availability of this release. Please monitor the User Exchange for the release notice.

Note: This document applies to all 7.2 versions.

The CB Response 7.2 User Guide is written for both the cloud and on-premises editions of CB Response. It provides information for administrators and for members of Security Operations Center (SOC) and Incident Response (IR) teams who are responsible for setting up and maintaining security for endpoints and networks, as well as assessing potential vulnerabilities and detecting advanced threats. This document includes information about the following topics:

  • Console user accounts and using the console
  • Sensors and sensor groups
  • Server certificate management
  • Incident response
  • Process and binary search and analysis
  • Threat intelligence feeds
  • Investigations
  • Watchlists and alerts

See the Comments section for a brief summary of changes to this document since the previous edition.

Labels (2)

Change log for CB Response 7.2 User Guide (changes since the 7.1 version)

  • Added Event Forwarder compatibility data to "Configuring the Event Forwarder" chapter. Also updated the events and S3 output screenshots and description to include compression option.
  • Added SensorLookupInactiveFilterDays content to the "Sensors" chapter, and described the new user interface for this setting.
  • Added the "Live Query" chapter describe this new feature.
  • Improved the TLS Server Certificate explanation in the  "Managing Certificates for Server-Sensor
    Communication" chapter.
Article Information
Creation Date: