logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Enterprise EDR: How Frequently are Watchlist Feeds Updated?

Enterprise EDR: How Frequently are Watchlist Feeds Updated?

Environment

  • Enterprise EDR Console: All Versions

Question

How Often are Watchlist Feeds Modified? 

Answer

  • How frequently the watchlist feed is updated depends on the feed in question. 
  • Some watchlist feeds are rare to update, as they are looking for behaviors that do not change very often. 
  • Other watchlist feeds like 'TOR IP list' receive an update every 30 minutes. 

Additional Notes

  • Navigate to Console >> Enforce (Watchlists) >> Select  Watchlist Report >> Drill-down to report name>> The recent timestamp of last update will appear on the right hand side of the report name. 
  • This is a article attached imageThis is a article attached image
  • Example: Execution - Command And Scripting Interpreter Execution Last updated:9:59:15am, Mar 1, 2022     

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎05-11-2023
Views:
285
Contributors
logo