Guides and Resources

Here we’ve listed a collection of tutorials, recorded demonstrations and other resources we think will be useful to get the most out of the Carbon Black Cloud Python SDK.

Recordings

Demonstrations are found on our YouTube channel.

A recent highlight shows how to schedule Audit and Remediation Tasks.

Guides

  • Device Control - Control the blocking of USB devices on endpoints.
  • VM Workloads Search Guide and Examples - Advanced protection purpose-built for securing modern workloads to reduce the attack surface and strengthen security posture.
  • Reputation Override - Manage reputation overrides for known applications, IT tools or certs.
  • Live Response - Live Response allows security operators to collect information and take action on remote endpoints in real time.
  • Unified Binary Store - The unified binary store (UBS) is responsible for storing all binaries and corresponding metadata for those binaries.
  • Users and Grants - Work with users and access grants.
  • Watchlists, Feeds, Reports, and IOCs - Work with Enterprise EDR watchlists, feeds, reports, and Indicators of Compromise (IOCs).
  • Recommendations - Work with Endpoint Standard recommendations for reputation override.
  • Alerts - Work and manage different types of alerts such as CB Analytics Alert, Watchlist Alerts and Device Control Alerts.

Examples

The GitHub repository also has some example scripts which will help you get started using the SDK.