RESTful APIs have been critical to establishing a foundation of openness across Carbon Black’s portfolio of endpoint security products. We’re excited to build upon that foundation with the latest release of Cb Defense, which provides users with new security information and event management (SIEM) integration functionality and modern RESTful Cb Defense APIs.
The new API for Cb Defense provides programmatic access to all alert-related events, enabling users to extend the visibility of data associated with alerts from the Cb Defense dashboard into their preferred SIEM.
Complementing this new API, we are also introducing RESTful versions of all existing Cb Defense APIs. Through the use of RESTful APIs, Carbon Black has created a tremendous ecosystem of third-party integrations for Cb Response and Cb Protection customers. This release lays the foundation for accelerated innovation of Cb Defense.
More on that to come, but for now let’s take a look at what’s included in this update.
Benefits of the New Cb Defense API
As explained above, this is just the first step toward our long-term goal to expand Cb Defense integration capabilities via open RESTful APIs. With the newly released API, users can now use the Alert ID to query Cb Defense and return all events associated with the alert.
In practical terms, this means users can direct Cb Defense alert data into the SIEM of their choosing. This allows for increased visibility into individual endpoints, processes, and events associated with those notifications even when you’re not in the Cb Defense console.
How To Get Started
All Cb Defense partners and customers will automatically receive access to the new API over the course of the next few days. Documentation for the new API is available now at the Developer Network website, and you can obtain the API key and connector ID by clicking the “Settings” dropdown and selecting “Connectors” in the Cb Defense console (as shown below):
Finally, if you ever have questions about the use of our APIs, the fantastic Carbon Black Developer Relations team is available to provide support.