Collect-MemoryDump - Automated Creation Of Windows Memory Snapshots For DFIR
Collect-MemoryDump.ps1 is a PowerShell script used to collect a Memory Snapshot from a live Windows system in a forensically sound manner. Features: Checks for Hostname and Physical Memory Size before starting memory...
BlueCloud - Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
Cyber Range deployment of HELK and Velociraptor! Automated Terraform deployment of one system running HELK + Velociraptor server with one registered Windows endpoint in Azure or AWS. A collection of Terraform and Ansible scripts that automatically and quickly deploys a small HELK + Velociraptor R...
UAC - Unix-like Artifacts Collector
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data...
TuxResponse - Linux Incident Response
TuxResponse is an incident response script for Linux systems, written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly without compromising the results. Usually corporate systems would have some kind of monitoring and control, but...
CB Partner Spotlight Series: Slipstream Cyber Security
Slipstream Cyber Security is a managed cyber-security service provider with a Cyber Security Operations Centre (CSOC) located in Perth, Western Australia. Staffed by experienced security professionals with backgrounds in cyber operations, anti-fraud, intelligence and more, the team...
CB Customer Spotlight: Q&A with ALLETE’s Jeff Rotenberger
For five years now, Jeff Rotenberger has served as a cybersecurity analyst for ALLETE, an energy and utilities company providing for the Upper Midwest. Rotenberger and his team have been working with Carbon Black (CB) APIs and CB Response to greatly reduce time spent on security remediation. Read o...
Cb Customer Spotlight Series: Q&A with Integral’s Sean McFeely
Featuring Sean McFeely, Sr. Information Analyst at Valvoline’s Integral Defense. This year at Cb Connect 2018, we had our first ever Developer Day to recognize our vibrant partner and developer ecosystem. We had an amazing group of 100 developers attend, culminating in a hackathon. Sean McFeely, S...
How Live Query Will Change The Way You Do Vulnerability Management
It’s no secret that, without the right set of tools, vulnerability management can be tedious and exhausting. With slow, manual processes it can take weeks to identify and remediate issues. And the work itself is often dull, sifting and searching without yielding real results. Live Query...
Partner Perspectives: Containing and Recovering from Incidents with the Help of Minerva Labs and Carbon Black
Lenny Zeltser is a VP of Products at Minerva Labs, as well as an author and instructor at SANS Institute. Despite their efforts to prevent intrusions, enterprises can still face large-scale compromises. When organizations discover numerous endpoints infected with malicious code, how can responder...
Cb Defense Praised in Independent Tests, Product Reviews
Earlier this week, Carbon Black announced the Q3 release of Cb Defense, which features breakthrough streaming ransomware prevention as well as live response capability. Following this announcement, three independent security organizations published reviews and reports confirming the efficacy of C...
Cb Defense Q3 2017 Release Future-Proofs Your Ransomware Defenses
We’re excited to announce the Cb Defense Q3 2017 release is here! Cb Defense has always been focused on bringing you the best possible prevention, built upon our unique streaming prevention platform, combined with our market-leading endpoint detection and response (EDR) capabilities. The Q3 2017...
Partner Perspectives: Using Cb Response to Mitigate ETERNALBLUE
Editor's Note: This post originally appeared on redcanary.com. In case you’ve been under a rock, there’s a wee problem with ransomware, fueled by the public release of a handful of high quality access exploit and persistence backdoor utilities. Most recently, these have manifested in the form of t...