Home
Please read the README before using this Wiki.
This Wiki includes a User Guide and a Developer Guide. The guides include instructions for running the Carbon Black Cloud Binary Toolkit (the Toolkit) and guidelines for modifying the Toolkit to suit your needs.
The Toolkit provides a quickly configurable and extensible way to improve the continuous monitoring of endpoints. By analyzing the binaries that endpoints encounter, you can add the resulting threat intelligence to a Feed that can be continuously monitored through Watchlists.
The example YARA analysis engine included with the toolkit provides a way to improve that monitoring with minimal setup.
For details on the expected performance of the CBC Binary Toolkit, see Performance Metrics.
User Guide: for those looking to use the Toolkit to analyze binaries captured by Carbon Black Cloud.
Developer Guide: for those looking to extend the code of the Toolkit.
Copyright © 2020 VMware Inc., All Rights Reserved.
Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0