Documentation Center
AlienVault® USM Anywhere™

The AlienApp for Carbon Black

The AlienApp for Carbon Black enhances the threat detection capabilities of USM Anywhere by collecting and analyzing log data from your Carbon Black applications and provides orchestration actions to streamline incident response activities. This AlienApp combines USM Anywhere advanced threat detection and the ability to automatically isolate compromised systems with Cb Response.

You can implement these integration capabilities according to the Carbon Black products that you have.

Carbon Black product Integration
Cb Response

Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the Cb Response plugin.

Orchestration to isolate compromised endpoint through the Cb Response APIs.

Cb Protection Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the Cb Protection plugin.
Cb Defense Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the Cb Defense plugin.

Edition: The AlienApp for Carbon Black is available in the Standard and Premium editions of USM Anywhere.

For more information about the feature and data support provided by each of the USM Anywhere editions, go to https://www.alienvault.com/pricing.