We’re Stronger Together
Security Research & Analytics
Binee: Binary Emulation Environment for Malware Analysis
We’ve designed Binee to bridge the gap between static and dynamic analysis of real-world malware. This emulator helps researchers extract run-time data from binaries at a cost, speed, and scale previously only possible with static analysis tools.
EQR: Event Query Router for High-Volume Analytics
EQR is an open-source data analytics tool that gives data scientists in any industry the ability to execute large-scale queries on real-time data streams without writing code or batching transactions.
Five ways to collaborate with VMware Carbon Black
- Expand the emulation capabilities in Binee
- Add a data stream processor to EQR
- Create an integration module for the VMware Carbon Black Cloud
- Participate in a discussion on the User Exchange
- Join us for Developer Day at the next Connect event
Our integrations with Splunk, including add-ons for Endpoint Standard and EDR, and the Phantom playbooks, allow administrators to forward events and notifications from Carbon Black’s solutions to Splunk for correlation and analysis, and to execute orchestration playbooks in Phantom.
The ThreatConnect connector for CB Response is a simple Python daemon that communicates with ThreatConnect’s API to retrieve Indicators of Compromise and format them as a Threat Intel Feed for CB Response. A similar connector for CB ThreatHunter will be available shortly.
Our integration with VMRay allows you to send binaries discovered in CB Response to VMRay for malware analysis.
Connectors and Forwarders
We maintain a number of generic connectors and forwarders, including Yara Connector, Event Forwarder, and CB API for Python, to make integration with other platforms easy.