Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Response 6.2.2 User Guide

Cb Response 6.2.2 User Guide

The Cb Response 6.2.2 User Guide is written for both the cloud and on-premises editions of Cb Response. It provides information for administrators and for members of Security Operations Center (SOC) and Incident Response (IR) teams who are responsible for setting up and maintaining security for endpoints and networks, as well as assessing potential vulnerabilities and detecting advanced threats. This document includes information about the following topics:

  • Console user accounts and using the console
  • Sensors and sensor groups
  • Incident response
  • Process and binary search and analysis
  • Threat intelligence feeds
  • Investigations
  • Watchlists and alerts

 

See the Comments section below for a brief summary of changes to this document since release 6.2.1.

Labels (1)
Attachments
Comments

Change log for this user guide

1. Added a "List of Tasks" section.

2. Added documentation for on-demand macOS/OS X sensor diagnostics. See the "Troubleshooting Sensors" chapter.

3. Added two missing options (processopentarget and remotethreadtarget) in the crossproc_type field description. See the "Advanced Search Queries" chapter.

4. Added a brief description of new capabilities to send SHA256 hashes to the Cb Response event forwarder. See the "Sensor Parity" chapter.

5. Other minor corrections and improvements were also made.

Article Information
Author:
Creation Date:
‎05-09-2018
Views:
3709
Contributors