
Carbon Black Response v6.1 - Integration Guide

This documentation provides information for administrators who are responsible for integrating Cb Response with various tools. It discusses:

  • Integration with Cb Protection (formerly Bit9)
  • Integration with Microsoft Enhanced Mitigation Experience Toolkit (EMET)
  • Supported SAML 2.0 specifications and SAML 2.0 Single Sign-On (SSO) setup. This includes integration with the OKTA, Shibboleth, and ADFS IdPs
  • The Duo plugin, which lets you configure two-factor authentication, and how to download the Duo Mobile application on a mobile device
  • Syslog output for Cb Response events
  • Cb Response support for Virtual Desktop Infrastructure (VDI) and how to configure your machines to use it

Document Date: May 2017

Comments

Hi Team,

We would like to know whether there is any score matrix for watchlist priority based on high confidence. For example, powershell.exe spawning from excel.exe categorized as High and cmd.exe spawning a generic wmic command as Low. I know the alliance score is there for threat intelligence feeds, but is there any score matrix for watchlists, so we can get the data into Splunk and write a use case?

Article Information
Creation Date: 05-03-2017
Views: 6161