Carbon Black Cloud: Does the CBC sensor capture events around user input credentials in any domain?
Carbon Black Cloud Sensor: All Supported Versions
Microsoft Windows: All Supported Versions
Mac OSX: All Supported Versions
Linux: All Supported Versions
Can the CBC sensor capture events around when a user would input credentials into any domain, or phishing sites, etc.?
Currently the CBC product does not log that level of detail. At best, you can see a browser making a network connection to a domain. However, the CBC sensor does not: - Know whether or not the domain/site is a phishing site or legit - Know if a userr submitted anything to the site - Know if that submission contained credentials