Cb Response is a purpose-built Endpoint Detection and Response solution for enterprise SOC and IR teams with a streamlined UI that’s built for speed, unlimited historical data retention, and unlimited scaling to fit even the largest enterprises. Achieve full visibility combining Cb Response with RSA NetWitness Suite for complete context of threats affecting the Enterprise.
Partner Product | RSA Product | Documentation & Downloads |
---|---|---|
Carbon Black Cb Response | RSA NetWitness | Parser Implementation Guide (preview) Parser Source Package (preview) |
it would be helpful to also get some sort of CB cloud to RSA integration , is that in the works.
the difference is - CB cloud (unless you allow syslog from the net ) can't syslog in.
so technically we'd need a CB API to LEEF connector
I've opened a corresponding topic on CB https://community.carbonblack.com/message/22386