VMware Carbon Black Endpoint

What is VMware Carbon Black Endpoint? #

VMware Carbon Black Endpoint is a next-generation antivirus (NGAV) and behavioral endpoint detection and response (EDR) solution that protects against the full spectrum of modern cyber-attacks. VMware Carbon Black Cloud includes a universal agent and a console.

Why Should You Use the VMware Carbon Black Endpoint Connector? #

The VMware Carbon Black Endpoint connector provides visibility into the assets in your environment. You can use this visibility to:

ensure assets are managed per your security policies
derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Lucidum executes read-only requests to the VMware Carbon Black Endpoint REST API and ingests only meta-data about VMware Carbon Black Endpoint devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum #

Field	Description	Example
URL	The URL of the VMware Carbon Black API.	https://defense-prod05.conferdeploy.net/
API Token	API Key for a user account that has Read Permissions to fetch assets. The API Toke is of the format {API Secret}/{API ID} The API Secret Key is the new name for the API Key The API ID is the new name for the Connector ID
Org Key	Organization Key. You can find the Org Key in the product console under Settings > API Access > API Keys

Source Documentation #

Creating Credentials #

For details on creating an API and its Secret, see the section on Create an Access Level and Create an API Key in https://developer.carbonblack.com/reference/carbon-black-cloud/authentication/#authenticate-your-request.

Required Permissions #

Contact your Lucidum Sales Representative for help with permissions.

For details, see https://developer.carbonblack.com/reference/carbon-black-cloud/authentication

API Documentation #

Devices, Version 6:

https://developer.carbonblack.com/reference/carbon-black-cloud/platform/latest/devices-api/

Enriched Events:

https://documenter.getpostman.com/view/7740922/SWE9YGSs#31fff097-2509-4efa-a936-571dc520ec71

Vulnerabilities:

https://documenter.getpostman.com/view/7740922/SWE9YGSs#72dc66db-be28-411c-9f19-c466900eb955

Solutions

COMPANY

Resource Library

Ready for
a Demo

What is Lucidum?

Getting Started with Lucidum

Proxy Server

Managing Users

Connectors

Dashboards

Value-Oriented Dashboards (VODs)

Streamlining Queries with SmartLabels and Tags

Value-Oriented SmartLabels (VOSLs)

Risk

Actions

Use Cases

Viewing Data

Running Headless with Webhooks

Lucidum API v1

Lucidum API v2

Sending Alerts to Slack

Managing Your Lucidum System

VMware Carbon Black Endpoint

What is VMware Carbon Black Endpoint? #

Why Should You Use the VMware Carbon Black Endpoint Connector? #

How Does This Connector Work? #

Configuring the Connector in Lucidum #

Source Documentation #

Creating Credentials #

Required Permissions #

API Documentation #

What are your Feelings

Quick LInks

SOLUTIONS

COMPANY

RESOURCES

Solutions

COMPANY

Resource Library

Solutions

COMPANY

Resource Library

Ready fora Demo

What is VMware Carbon Black Endpoint? #

Why Should You Use the VMware Carbon Black Endpoint Connector? #

How Does This Connector Work? #

Configuring the Connector in Lucidum #

Source Documentation #

Creating Credentials #

Required Permissions #

API Documentation #

What are your Feelings

Share This Article :

Still stuck? How can we help?

Quick LInks

SOLUTIONS

COMPANY

RESOURCES

Solutions

COMPANY

Resource Library

Ready for
a Demo