Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

VMware Carbon Black EDR 7.4 User Guide

VMware Carbon Black EDR 7.4 User Guide

Important: This documentation is being posted before general availability of this release. Please monitor the User Exchange for the release notice.

Note: This document applies to all 7.4 versions.

The CB Response 7.4 User Guide is written for both VMware Carbon Black EDR and VMware Carbon Black Hosted EDR. It provides information for administrators and for members of Security Operations Center (SOC) and Incident Response (IR) teams who are responsible for setting up and maintaining security for endpoints and networks, as well as assessing potential vulnerabilities and detecting advanced threats. This document includes information about the following topics:

  • Console user accounts and using the console
  • Sensors and sensor groups
  • Server certificate management
  • Incident response
  • Process and binary search and analysis
  • Threat intelligence feeds
  • Investigations
  • Watchlists and alerts

See the Comments section for a brief summary of changes to this document since the previous edition.

Labels (3)
Attachments
Comments

This version of the VMware Carbon Black EDR User Guide contains the following changes:

  • Added tamper protection content
  • Added AMSI content
  • Updated the Installation Verification tables for the Linux and macOS sensors

On page 67, Viewing and Modifying User Accounts, should the statement, "Enabling or disabling two-factor authorization" be "Enabling or disabling two-factor authentication"?

Article Information
Author:
Creation Date:
‎01-06-2021
Views:
14980
Contributors