logo

Documentation & Downloads

Browse your product documentation including release notes and installers

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

VMware Carbon Black EDR Introduces Open Source Linux Code

VMware Carbon Black EDR Introduces Open Source Linux Code

VMware Carbon Black EDR Linux is proud to announce our kernel module and eBPF code is now available as open source software under the GPLv2 license at https://github.com/vmware/cbsensor-linux-kmod and https://github.com/vmware/cbsensor-linux-bpf/ respectively. 

The distributions supported by the kernel module are RedHat 6 and 7 and derivatives that use the same RedHat kernels (CentOS, Oracle Linux). eBPF supports RedHat/CentOS 8+ as well as SUSE 12 and 15, and Ubuntu 18.04 and 20.04. Also included with our eBPF code is an example script that runs basic Linux telemetry under a BSD 2-Clause.

Open sourcing these parts of our sensor enables us to work more closely with the security community to produce a better product. Community contributions will be included in future development of our VMware Carbon Black EDR Linux sensor.

 

Sensor operating systems

CB EDR sensors operate with multiple operating systems. For the current list of supported operating systems, see  https://community.carbonblack.com/docs/DOC-7991.

 

Documentation

Click here to search the full library of CB EDR user documentation on the Carbon Black User Exchange.

Labels (4)
Comments
hldk
‎01-28-2021 01:46 AM
‎01-28-2021 01:46 AM

it really need a "/usr/sbin/cb_ebpftool/cbebpfdaemon.sh status" or some way to check from the linux agent side if all is ok.

Article Information
Author:
drenaud
Creation Date:
‎09-21-2020
Views:
2998
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.