We’re migrating product documentation to docs.vmware.com, starting with Carbon Black Cloud. Learn more.

Carbon Black Response v6.1 - Integration Guide

Carbon Black Response v6.1 - Integration Guide

This documentation provides information for administrators who are responsible for integrating Cb Response with various tools. It discusses:

  • Integration with Cb Protection (formerly Bit9)
  • Integration with Microsoft Enhanced Mitigation Experience Toolkit (EMET)
  • Supported SAML 2.0 specifications and SAML 2.0 Single Sign-On (SSO) setup. This includes integration with the OKTA, Shibboleth, and ADFS IdPs
  • The Duo plugin, which you can configure two-factor authentication and download the Duo Mobile application on a mobile device
  • Syslog output for Cb Response events
  • Cb Response support for Virtual Desktop Infrastructure (VDI) and how to configure your machines to use it

Document Date: May 2017

Labels (1)
Attachments
Comments

Hi Team,

We would like to know is there any score matrix for watchlists priority based on high confidence. For example - powershell.exe spawning from excel.exe categorized as High and cmd.exe spwaning generic wmic command as low. I know alliance score is there for threat intelligence feeds, but is there any score matrix is there for watchlist, so we can get the data in splunk and write use case?

Article Information
Author:
Creation Date:
‎05-03-2017
Views:
4159
Contributors