Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Response 6.x and 5.3.x

Symptoms

Getting hits in Watchlists, feeds or queries for old VirusTotal reports

Cause

This is expected behavior not that the VirusTotal feed was deprecated in Cb Response and the feed is no longer updates via the CDC.

Resolution

Enable the Cb Reputation Threat feed, instructions on page 253 of the user's guide:
Replace all instances of alliance_score_virustotal: in wachlists, custom feeds and saved queries with alliance_score_srsthreat:

Related Content

A full explanation of the VirusTotal feed deprecation can be found here: [Complete ] VirusTotal Threat Feed in Cb Response is being deprecated in favor of the Cb Reputation ...

Article Information

Author:

Creation Date:

‎02-19-2018

Views:

686

Contributors

mbertoli

esullivan

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.