Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Response 6.2.1 User Guide

Cb Response 6.2.1 User Guide

The Cb Response 6.2.1 User Guide is written for both the cloud and on-premises editions of Cb Response. It provides information for administrators and for members of Security Operations Center (SOC) and Incident Response (IR) teams who are responsible for setting up and maintaining security for endpoints and networks, as well as assessing potential vulnerabilities and detecting advanced threats. This document includes information about the following topics:

  • Console user accounts and using the console
  • Sensors and sensor groups
  • Incident response
  • Process and binary search and analysis
  • Threat intelligence feeds
  • Investigations
  • Watchlists and alerts

 

Updated: May 2018

 

See the Comments section below for changes to this version.

Labels (1)
Attachments
0 Kudos
Comments

Change log for the May 2018 version of this user guide:

  1. In the "About this Guide" section, replaced a reference to a deprecated Cb Response Connectors Guide with links to developer.carbonblack.com.
  2. Added two missing options (processopentarget and remotethreadtarget) in the crossproc_type field description. See the "Advanced Search Queries" chapter.
  3. Corrected several broken cross-references in the "Getting Started" chapter.
  4. Other minor corrections and improvements were also made.
Article Information
Author:
Creation Date:
‎01-25-2018
Views:
4069
Contributors