Carbon Black Cloud

Carbon Black Cloud is a cloud-native endpoint security solution that provides real-time threat detection, prevention, and response by analyzing unfiltered endpoint data.This guide explains how to add Carbon Black Cloud integration to Cloudaware.

To see how Cloudaware seamlessly integrates with Carbon Black Cloud in action, request a demo.

Prerequisites

1. Create an API Key in the Carbon Black Cloud console. Read more

2. Ensure that the API key has either View All or at least Read permissions for Alerts, Devices, and Policies in Custom Access Level. Read more

Add Carbon Black Cloud Organization

1. Log in to Cloudaware → Admin.
   

   

2. Find the Carbon Black Cloud integration. Click +ADD.
   

   

3. Fill out the form:
   

   

   WHERE
   Name – enter a name for the integration
   Org Key – enter a unique identifier for the Carbon Black Cloud organization, e.g., ABC123XY (to locate the org key, go to Settings -> API Access → API Keys)
   Base URL – enter a Carbon Black Cloud API endpoint URL (dashboard URL), e.g., https://defense-prod05.conferdeploy.net
   API ID – enter the identifier for the generated API key with required permissions (to locate the API ID, go to Settings -> API Access -> API Keys)
   API Secret – enter the secret key associated with the API ID for authentication
   
   Click CHECK to test the connection. Once the validation passed, click SAVE.
   

4. A green light in the ‘Status’ column indicates a successful configuration. If the light is red, contact support@cloudaware.com.
   

   

5. To view Carbon Black Cloud-related data, go to Cloudaware CMDB Navigator. Select CARBON BLACK CLOUD in the menu on the left:
   

   

List of Carbon Black Cloud objects

Cloudaware supports the following Carbon Black Cloud objects:

CBC Alert
CBC Device
CBC Organization
CBC Policy