Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Carbon Black Cloud Windows Sensor: All versions
Carbon Black Cloud Server: All versions
Microsoft Windows OS: All versions

Question

Which of the CBC Windows sensor's executables are responsible for creating network connections?

Answer

RepMgr.exe (communicates with cloud)
upd.exe (signature pack updates)
osqueryi.exe (potentially via curl table queries)
cbc_plugin_extension.ext.exe (potentially via cb_sensor_curl table queries)

Article Information

Author:

Creation Date:

‎04-10-2023

Views:

480

Knowledge Base

Carbon Black Cloud Windows Sensor: Which executables are responsible for creating network connections?

Carbon Black Cloud Windows Sensor: Which executables are responsible for creating network connections?

Environment

Question

Answer

Audit and Remediation

Carbon Black Cloud

Container

Endpoint Standard

Enterprise EDR

Managed Detection

Managed Detection and Response

Prevention

Workload

Knowledge Base

Carbon Black Cloud Windows Sensor: Which executables are responsible for creating network connections?

Carbon Black Cloud Windows Sensor: Which executables are responsible for creating network connections?

Environment

Question

Answer

Thank you for your feedback.

Thank you for your feedback.