
Endpoint Standard: How To Determine Latest VDF Version and Date Via Developer Tools


Environment

  • Carbon Black Cloud Console: All Versions
  • Endpoint Standard Sensor: All Versions
  • Microsoft Windows: All Supported Versions

Objective

Provide steps for determining the latest Virus Definition File (VDF) version for the Local Scanner, along with the date and time associated with it.

Resolution

Chrome

  1. Log in to the Carbon Black Cloud Console
  2. Open DevTools, then select the Network tab and the Preview sub-tab
  3. Go to the Endpoints page
  4. Look in DevTools for 'sigPackVersionHistory'
  5. Expand the last array (the numbers called out in [XXX ... XXX])
  6. The last item is the most recent VDF version, along with its timestamp
     
    [400 ... 405]
    405: {aevdf_version: "8.16.16.28", timestamp: "2019-06-05T13:18Z"}

 

Firefox

  1. Log in to the Carbon Black Cloud Console
  2. Open DevTools, then select the Network tab and the Response sub-tab
  3. Go to the Endpoints page
  4. Look in DevTools for 'sigPackVersionHistory'
  5. Scroll to the bottom of the list and expand the last number (XXX: {...})
  6. The last item is the most recent VDF version, along with its timestamp
     
    405: {...}
        aevdf_version: 8.16.16.28
        timestamp: 2019-06-05T13:18Z

 

Safari

  1. Log in to the Carbon Black Cloud Console
  2. Open Web Inspector, then select the Network tab and the Response sub-tab
  3. Go to the Endpoints page
  4. Look in Web Inspector for 'sigPackVersionHistory'
  5. Scroll to the bottom of the list
  6. The last item is the most recent VDF version, along with its timestamp
     
    }, {
        "aevdf_version": "8.16.16.28",
        "timestamp": "2019-06-05T13:18Z"
    }]
    

 

sigPackVersionHistory API Call

  1. Log in to the Carbon Black Cloud Console
  2. Change the URL to point to sigPackVersionHistory
     
    Prod05 Example:
    https://defense-prod05.conferdeploy.net/appservices/v5/sigPackVersionHistory
  3. Scroll to the end of the list to find the most recent VDF Version and Timestamp
     
    Example:
    {"aevdf_version": "8.16.21.146", "timestamp": "2019-08-21T16:47Z"}]

Additional Notes

  • The information reflects the most recent versions of the VDF file seen across a given environment, not for a specific organization
  • To get the timestamp associated with a specific VDF version, search for that version (x.xx.xx.xxx) within 'sigPackVersionHistory' in DevTools/Web Inspector
  • The data available via this method is a rolling 90-day history, and is not inclusive of all possible previous versions
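The lookup described in the steps and notes above can also be done on a saved copy of the response. The following is an added example, not code from Carbon Black: it assumes the response body is a JSON array of objects shaped like the ones shown on this page, and `vdfStatus` is a hypothetical helper name. It reports the newest VDF version and how far behind a given version is.

```javascript
// Constructed sample in the shape shown on this page (assumed: the response
// body is a JSON array of such objects). The middle entry is made up.
const sampleResponse = `[
  {"aevdf_version": "8.16.16.28", "timestamp": "2019-06-05T13:18Z"},
  {"aevdf_version": "8.16.20.2", "timestamp": "2019-08-01T09:05Z"},
  {"aevdf_version": "8.16.21.146", "timestamp": "2019-08-21T16:47Z"}
]`;

// Timestamps on the page have minute precision and a trailing Z (UTC).
function parseTimestamp(ts) {
  const m = /^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2})Z$/.exec(ts);
  if (!m) throw new Error(`unexpected timestamp format: ${ts}`);
  return Date.UTC(+m[1], +m[2] - 1, +m[3], +m[4], +m[5]);
}

// Validate the entries and sort oldest to newest, so the answer does not
// depend on the order in which the entries were returned.
function loadHistory(jsonText) {
  const data = JSON.parse(jsonText);
  if (!Array.isArray(data) || data.length === 0) {
    throw new Error("expected a non-empty JSON array");
  }
  return data
    .map((e) => {
      if (typeof e.aevdf_version !== "string") {
        throw new Error("entry without aevdf_version");
      }
      return { version: e.aevdf_version, time: parseTimestamp(e.timestamp) };
    })
    .sort((a, b) => a.time - b.time);
}

// Hypothetical helper: compare one VDF version against the history.
function vdfStatus(jsonText, vdfVersion) {
  const history = loadHistory(jsonText);
  const latest = history[history.length - 1];
  const base = {
    latestVersion: latest.version,
    latestTimestamp: new Date(latest.time).toISOString(),
  };
  const seen = history.find((e) => e.version === vdfVersion);
  // The history is a rolling 90-day window, so a miss means the version is
  // older than the window or was never listed.
  if (!seen) return { ...base, state: "not-in-history", daysBehind: null };
  const daysBehind = Math.floor((latest.time - seen.time) / 86400000);
  return { ...base, state: seen === latest ? "current" : "behind", daysBehind };
}

console.log(vdfStatus(sampleResponse, "8.16.16.28"));
```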

Article Information

Creation Date: 09-08-2020