CB Defense: Is there a way to enable alerts for all Blocking actions?
search cancel

CB Defense: Is there a way to enable alerts for all Blocking actions?

book

Article ID: 290072

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Can alerts be generated for all block events?

Environment

  • CB Defense Console: All Versions

Resolution

No, alerts cannot be configured to create every time a blocking event occurs

Additional Information

  • Email notifications can be set to trigger any time a Deny (Block) or Terminate action is applied. Duplicate emails may be sent if an event has a high enough score to trigger a separate email notification
  • To prevent alert fatigue, many blocking events do not trigger alerts. What determines if an alert should be triggered or not cannot be shared for security reasons
Powered by Wolken Software