ThreatConnect Marketplace
  • Apps
  • Playbooks
  • Apps
  • Playbooks
Home » Playbook Overview » CarbonBlack Playbook
Back to Apps

Categories:
  • Endpoint Detection and Response

CarbonBlack Playbook

This Playbook template will allow you to deploy a Yara rule to Carbon Black’s Yara Manager. The Playbook uses a User Action Trigger which presents a button on the Details page of Signature groups that, when pressed, will gather the contents of the Signature and SCP them over via SSH to the host running the Yara Manager. SSH is required because there is currently no API endpoint for uploading Yara rules.

This app can be found in the ThreatConnect App Catalog under the name: Deploy Yara Rule to CarbonBlack

Related Playbooks

Cybereason
Endpoint Detection and Response

With the Cybereason  integration, customers  have the ability to query both types of malops, isolate suspicious activities,...

SentinelOne
Endpoint Detection and Response

With the SentinelOne integration, users  have the ability to interact with agents, threats, hashes, exclusions and blocklist...

Tanium Playbook
Endpoint Detection and Response

The Tanium Playbook allows a user to query Tanium Platform for endpoints that have been communicated to a specific Address...

Developers

  • Knowledge Base
  • Training Site

Company

  • ThreatConnect
  • Contact Us
  • Blog
  • Twitter
  • Facebook
  • Linkedin

© Copyright - ThreatConnect Marketplace
Scroll to top