CB Defense: Is there a mechanism to detect and notify of a breach of logon controls?
search cancel

CB Defense: Is there a mechanism to detect and notify of a breach of logon controls?

book

Article ID: 287538

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Is there a built in mechanism to CB Defense to alert on a potential or successful breach of logon controls?

Environment

  • CB Defense Web Console: All Versions

Resolution

Currently there is no built in feature to notify of a loss of logon controls.

Additional Information

  • There is an open Feature Request to have the idea added into the product here: https://community.carbonblack.com/t5/Idea-Central/CB-Defense-Audit-Log-Entries-for-failed-login-attempts/idi-p/71573#M7969 
  • Alternatively you can leverage our Audit Log API to retrieve this information: https://developer.carbonblack.com/reference/cb-defense/1/rest-api/#audit-log-events