-
### Request Type
Feature Request
### Feature Summary
Would it be possible to develop an analyzer (or analyzers) for CarbonBlack (ER/EP) using the cbapi-python? https://github.com/carbonblack/cbap…
-
**I am seeing this behaviour on: (please complete the following information):**
- Carbon Black Cloud Products: Endpoint Standard, Enterprise EDR
- Python Version: 3.11
**Describe the bug**
We …
-
https://github.com/carbonblack/cb-integration/blob/0dfdb4ed42115ccc1d82be2bc7114db86e2a9855/cbint/message_bus.py#L397
This seems like something you might want to rotate (even though internal) and r…
-
After initial load of STIX Package, import fails when selecting **[Import Selected and keep/delete others]**. Failures occur across a full suite of Test STIX Packages that have loaded previously with…
-
Incorrect import entries added due to incorrect parsing in
https://github.com/carbonblack/binee/blob/4216d9650791d2937066978a8ad7c8cead3e8453/pefile/pefile.go#L692
importThunk is incremented 4 bytes…
-
Open source search
https://deps.dev/
-
It looks like not all raw messages have all the header messages like process_path and process_md5.
Here's an example https://github.com/carbonblack/cbapi/blob/master/server_apis/proto/README.md the …
-
Cylance protect service (https://www.cylance.com/products-protect) in Windows takes over a single CPU core completely when tmux-continuum is enabled. Without tmux-continuum the CPU usage is negligible…
-
I think it would be worth adding a specific category of "Signature" (or the like) and the following Types:
carbonblack_process
carbonblack_binary
Snort
Kibana
Elasticsearch
Lucene
Yara
Sigm…
-
| vendor | binaries | systemd service name |
|---|---|---|
| wazuh | | wazuh-agent|
| ossec | ossec-control | |
| osquery | osqueryi | osqueryd |
| MS defender | mdatp | mdatp |
…