APIs are available to all Carbon Black Cloud customers. Platform level APIs are augmented by product specific APIs.
The Carbon Black Cloud APIs enable scenarios such as interactive access from scripts during an incident investigation and persistent integration to a SIEM or SOAR tool. They also allow you to automate repetitive tasks, freeing up your resources for the things that matter most. The most common use cases are:
The most common API use cases are:
- I would like to automate a task I usually complete in the Carbon Black Cloud console.
- I would like to integrate the Carbon Black Cloud console with my other security products.
Most Commonly Used APIs
| Carbon Black Cloud Console | API Links on Dev Network |
|---|---|
| Alerts | |
| Processes Search | |
| Live Query | |
| Watchlist |
Complete Console-->API Cross-reference
| Carbon Black Cloud Console and User Guide Link | API Links on Dev Network |
|---|---|
| Access Profiles and Grants | |
| Access Profiles and Grants | |
| Alerts | |
| Auth Events | |
| Data Forwarder | |
| Devices | |
| Live Query | Differential Analysis | |
| Live Response | |
| Observations | |
| Processes Search | |
| Policy Service | |
| Recommendations | |
| Reputation Override | |
| User Management | |
| User Management | |
| Vulnerability Assessment | |
| Watchlist |
