Carbon Black Cloud Endpoint Standard: Does The Carbon Black Cloud Sensor Capture Malicious JS File In Browser Events?
search cancel

Carbon Black Cloud Endpoint Standard: Does The Carbon Black Cloud Sensor Capture Malicious JS File In Browser Events?

book

Article ID: 287817

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Will a Carbon Black Cloud Sensor log when JS or any other script-like files hosted on a website run in the browser?

Environment

  • Carbon Black Cloud Endpoint Standard Sensor: All Supported Versions
  • Carbon Black Cloud Web Console: All Versions

Resolution

This is currently not supported. VMware is currently investigating in expanding the sensor capability to treat the browser as a host for these scripts in a future sensor version.

Additional Information

In the event of code from a remote site trying to execute malicious actions on a Carbon Black Cloud protected endpoint, the sensor will still monitor reputation and execution of any files downloaded to the endpoint or executed locally from the browser which should mitigate direct attacks but will not prevent a phishing attack. 
Powered by Wolken Software