Cb Inspection (previously called “Cb Threat Intel File Analysis”) provides integrated analysis services from Carbon Black and its partners. Cb Response servers and Bit9 Servers can send files from the endpoints they monitor to Cb Inspection for analysis. Once a file is analyzed, the analysis results are sent back to the server that requested them.
The analysis includes executing Windows 32-bit and 64-bit PE executables in a sandbox environment. Analysis results also include all of the metadata available for the file from the Carbon Black platform components that have seen it.
Cb Inspection is supported on:
Cb Response versions 5.1.1 Patch 2 or later, and 5.2 or later
Bit9 Platform versions 7.2.1 and 7.2.2 or later
Minor updates were made to the January 2018 version of this document to correct typographic errors. The Cb Protection/Bit9 requirement for access to threatintel.bit9.com on port 443 was modified to indicate that this is outbound only.