Latest Posts

• New UK PoP Released

  Announcement: The United Kingdom Point of Presence (UK POP) is now GA!

• Offline EDR Cluster Install

  Sometimes you may need to install an EDR cluster in an offline environment. The key thing here is to create the yum cache files, transfer to each server and install with yum before adding teh minions using cbcluster.

• Getting Started with Photon OS

  In anticipation of EDR being supported on Photon OS later this summer these are a few steps to get up and running with a new Photon server.

• New Data Volume on EDR

  In order to correctly build and provision an EDR server, at a minimum, the data partition should be on it’s own logical volume. This enables the partition to be placed on fast disks seperate from the underlying oS, allows for easier resizing and prevents issues around partitions filling with other files that weren’t anticipated in that location.

• Using Knative Eventing To Drive Carbon Black Cloud Workload Protection

  Automating the install of Carbon Black when a new Virtual Machine is created in vCenter.

• Trigger CBC Alarms with Powershell

  This Post is to record powershell scripts that trigger CBC alarms by matching AMSI detection rules.

• Kali Windows PHP Attack

  This Post is to detail the steps used when performing an attack using Kali Linux against a Windows Web Server with PHP.

• Install Virtual MacOS Monterey on VM Fusion

  This post is to remind me the steps I took to Install MacOS Monterey in Fusion so I could test installing Carbon Black on my work Mac.

• Offline Install of Carbon Black EDR Server

  Sometimes a customer wants to install EDR into an airgapped environment and even installing the server becomes a challenge. Using a redHat Satellite sever is one option (copy the cert and key to Satellite to authenticate our repository) but if this is noit available these steps using a caching server to download thge files is an option.

• Using Regex to Search Carbon Black Cloud Events

  For more detailed information and further examples see Carbon Black Advanced Search Tips

• Create a shopping cart with CBC Container runtime in Azure portal

  Steps here to create a running demo of Carbon Black Cloud Container Runtime in less than 10 minutes.

• Blog Setup

  These are just a few notes to remind me what steps I took getting started with this blog.