If you want to do further analysis of one or more VMs, you can open a VM in the Carbon Black Cloud console.

If you have a Carbon Black account, you can open the Carbon Black Cloud console to view information about a VM, investigate threats, manage security policies, view and query audit events, manage workload VMs, and more.

If you do not have a Carbon Black Cloud account, you can request one in VMware Live Cyber Recovery. After you request the account, an email is sent to you with instructions on how to create the account.

After you create your Carbon Black account, you can use the new account credentials to log in to the Carbon Black Cloud console.
Note: Opening the Carbon Black Cloud console requires either the VMware Live Cyber Recovery 'Recovery Admin' or 'Recovery Tester' user role.

Procedure

  1. From the Analysis tab of a VM during validation, select Open Carbon Black from the Tools menu.
    Or, from the left navigation, select Settings and then click Ransomware Recovery Services.
  2. In the Ransomware services integration dialog box, click the Open Carbon Black.
  3. If you have an account with Carbon Black, then the Carbon Black Cloud console opens.
  4. If you do not have account with Carbon Black Cloud console, click Open Carbon Black.
  5. Next, click Create Account.
    After you request the account, you are sent an email with instructions to create a new account. Once the account is created, click Open Carbon Black and user your Carbon Black Cloud credentials to access the Carbon Black Cloud console.