Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Updates to Carbon Black Defense Administrative Console

Updates to Carbon Black Defense Administrative Console

We are excited to announce the successful upgrade of Cb Defense’s administrative. Over the past week we have introduced a number of updates as follows:

  • The following settings have been added for all customers


SettingNotes
Allow User to Disable ProtectionProvides users the option to disable prevention aspects of the protect. Supported in Windows sensor versions 2.0+
Scan Files on Network DrivesConfigures whether files will be scanned for malware prior to execution when a network share is mounted to a device protected by Cb Defense.
Scan Execute on Network DrivesConfigures whether or not to delay execution of files for cloud reputation services for applications that run from network drives. Supported in Windows sensor versions 2.0+
Delay Execute for Cloud ScanConfigures whether or not to delay execution of files for cloud reputation services for applications that run from disk. Supported in Windows sensor versions 2.0+
Hash MD5Configures whether or not the sensor will compute an MD5 sum for all files on the endpoint. A SHA256 sum will be calculated each time. Supported in Windows sensor versions 2.0+ (Sensors released prior to 2.0 continue to calculate both the checksum values)



  • Fixed an issue in the policy page that improperly displayed a the option to create permissions rule related to “Tries to invoke untrusted app”
  • Fixed a number of outstanding issues with customer notification through email and SIEM events.
Comments

Thank you Ed for the update about these new added featuer.

Is there any document can help us use these featuers? And is it coming in a new relase?

Hi abdulla.abusaif​,

Thank you for your question. All (or most) of the new features/options referenced in emurphy​'s message above are documented in Cb Defense User Guide​. Additionally, you can search The Knowledge Base - NEW for any gotchas, best practices, limitations, etc. We try to put out useful information as soon we learn about anything that might be helpful to the users of Cb Defense. For example, the new "Delay execute for cloud scan" setting may can an increase in Alerts under certain conditions, so we have Cb Defense: Observing increase in Alert(s) when "Delay Execute for Cloud Scan" is disabled to help explain that.

If you have any specific questions regarding any of the features found in the product, you may ask in The Lounge (be sure to post in 'Cb Defense' category) or file a new Support case as described in Create a Case in The Community and our team will assist.

--

Alexey Popov | Technical Support Manager, Cb Defense

Article Information
Author:
Creation Date:
‎01-30-2017
Views:
1263