The AlienApp for Carbon Black enhances the threat detection capabilities of USM Anywhere by collecting and analyzing log data from your Carbon Black applications and provides orchestration actions to streamline incident response activities. This AlienApp combines USM Anywhere advanced threat detection and the ability to automatically isolate compromised systems with Carbon Black CB Response.
You can implement these integration capabilities according to the Carbon Black products that you have.
|Carbon Black product||Integration|
|Carbon Black CB Response||
Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the CB Response plugin.
Orchestration to isolate compromised endpoint through the CB Response APIs.
|Carbon Black CB Protection||Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the CB Protection plugin.|
|Carbon Black CB Defense||Log collection through Syslog forwarded to the USM Anywhere Sensor and event normalization using the CB Defense plugin.|
Edition: The AlienApp for Carbon Black is available in the Standard and Premium editions of USM Anywhere.
See https://www.alienvault.com/pricing for more information about the feature and data support provided by each of the USM Anywhere editions.
Warning: If the AlienApp fails and there is a message to inform you that it has not been loaded, please contact the AT&T Cybersecurity Technical Support department to solve the problem.