EDR: How does a linux sensor interact with the kernel?
Article ID: 289182
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
How does a linux sensor interact with the kernel?
Environment
- EDR Sensor: 6.x and Higher
Resolution
The kernel module is a character device. The interaction is with read and write calls through the device file /dev/cbsensor.
Feedback
Yes
No
Powered by
