Knowledge Base

Yes

Environment

Carbon Black Cloud (formerly PSC) Sensor: All Versions
- Audit & Remediation (was CB LiveOps)
- Endpoint Standard (was CB Defense)
- Enterprise EDR (was CB ThreatHunter)
- Managed Detection (was CB ThreatSight)

Objective

How to filter alerts based on the threat vector being a removable media

Resolution

This can be found in one of the following two ways:

Run below search query on the Alerts page:
```
threat_vector: REMOVABLE_MEDIA
```
Navigate to Dashboard > "Attacks By Vector" > Click on Removable Media

Additional Notes

Vector: REMOVABLE_MEDIA is mentioned as Alert Origin under "Alert Origin, Behavior, Notes and Tags" on the Alerts Triage page for USB or other removable media related alerts

Knowledge Base

Carbon Black Cloud: How to filter alerts involving USB or any other removable media as threat vector

Carbon Black Cloud: How to filter alerts involving USB or any other removable media as threat vector

Environment

Objective

Resolution

Additional Notes

Related Content

Audit and Remediation

Carbon Black Cloud

Endpoint Standard

Enterprise EDR

Managed Detection

Knowledge Base

Carbon Black Cloud: How to filter alerts involving USB or any other removable media as threat vector

Carbon Black Cloud: How to filter alerts involving USB or any other removable media as threat vector

Environment

Objective

Resolution

Additional Notes

Related Content

Audit and Remediation

Carbon Black Cloud

Endpoint Standard

Enterprise EDR

Managed Detection

Thank you for your feedback.

Thank you for your feedback.