The Binary Toolkit lets you integrate Carbon Black Cloud Enterprise EDR with a binary analysis engine such as YARA.
When the toolkit receives hashes of binaries encountered by your organization, it starts a process that fetches metadata about the binaries from the Unified Binary Store (UBS) and then sends the binaries through the analysis engine. The results from the engine and the metadata are consolidated and sent back to the Carbon Black Cloud, where you can subscribe and monitor your environment in Watchlists.
Requirements
Carbon Black Cloud Enterprise EDR
Installation
You can install the Binary Toolkit using GitHub.
Performance Metrics
For details on the expected performance for the Carbon Black Cloud Binary Toolkit, see Performance Metrics.
Getting Started
There are two ways to use the Carbon Black Cloud Binary Toolkit:
- Run the Binary Analysis Tool with its out-of-the-box functionality, as described in the Carbon Black Cloud Binary Toolkit User Guide.
- Use the Toolkit to develop your own tool for processing binaries by following the CBC Binary Toolkit Developer Guide.