The integration of Carbon Black Endpoint Detection and Response capabilities to Lumeta enables you to know whether hosts on your enterprise network are either unmanaged by Carbon Black or unknown to Lumeta. The integration enables a "deep-link" context switch from Lumeta to the Carbon Black UI, where the user can contain, isolate. and remediate "undefended" endpoints that are vulnerable to cyber attacks. The Carbon Black EDR solution continuously records, centralizes and retains activity from every endpoint to identify attacks and keep a history of an attacker's every action. Lumeta's index of all network devices ensures that Carbon Black is aware of all endpoints requiring deployment of the EDR software, so you can ensure 100% coverage to all hosts.
Configuring the Carbon Black Feed
Configure the Carbon Black feed as follows:
- On Lumeta's main menu, browse to Settings > Integrations > Other Solutions > Carbon Black.
- Enable the threat feed by moving Active slider to the right.
The label changes from a red No to a green Yes.
- Input a Polling Interval to indicate the time that should elapse between fetching the latest feed data. Input 24 to poll daily, input 12 to poll twice a day, and so on.
- Input your customer key.
- Input the IP address of your Carbon Black server.
- Click Submit.
Feed is configured.