Carbon Black Cloud Endpoint Standard: Does The Carbon Black Cloud Sensor Capture Malicious JS File In Browser Events?
Carbon Black Cloud Endpoint Standard Sensor: All Supported Versions
Carbon Black Cloud Web Console: All Versions
Will a Carbon Black Cloud Sensor log when JS or any other script-like files hosted on a website run in the browser?
This is currently not supported. VMware is currently investigating in expanding the sensor capability to treat the browser as a host for these scripts in a future sensor version.
In the event of code from a remote site trying to execute malicious actions on a Carbon Black Cloud protected endpoint, the sensor will still monitor reputation and execution of any files downloaded to the endpoint or executed locally from the browser which should mitigate direct attacks but will not prevent a phishing attack.