Carbon Black

Carbon Black

Featured integrations

Carbon Black Integration

When you connect Carbon Black and Tines you enhance your endpoint protection, controlability, and most importantly, your context for reacting to and investigating events. By enriching alerts and providing more context around actions, you unlock the ability to automate and integrate across heterogenous systems and processes. By adding better workflow automation or human gate-kept steps, you empower all members of your team to be more efficient while removing toil. With Tines as your automation worfklow engine you can crest the future while staying afloat in the flood of data. Stay ahead of the ever evolving threat landscape and decrease your Mean Time to Respond(MTTR) while refining and automating your responses with intelligent automations.

Use Cases

Update threat feeds, individual watchlist details, and alerts::Automate and enrich threat hunting and IoCs with extra context and actions::Cross platform automations to custom ingest, extract, or report::Isolate hosts and initiate further support procedures and playbooks::Automatically provision and deprovision assets based upon risk levels::Pivot through Tines stories to interconnect any other platform or API

Tines is built on stories. If you can tell the story of your current process (or a desired workflow) Tines can automate it. Using simple building blocks, any team member can build a Tines story across their teams, platforms, or business units. You can even chain stories together (using sub-stories) to build more complex modular and reusable workflows.

Start with the low-hanging fruit and then work your way up the tree! Which manual tasks, runbooks, playbooks, or SOPs do you or your team spend the most time on?

Agents and Actions

Just a sample of some of the prebuilt triggers, transforms, and actions ✓

Docs and Tutorials

Carbon Black + API

Carbon Black is a suite of endpoint agents and capabilities managed from the Carbon Black cloud. The Carbon Black cloud is a cloud-native Endpoint Protection Platform (EPP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweight agent and an easy-to-use console. Its capabilities include next-generation antivirus and behavioral EDR(Endpoint Detection and Response), managed alert monitoring and triage, real-time device assessment and remediation, and threat hunting and incident response. It also offers an on-premises application control and EDR capabilities making it a versatile threat hunting and incident response (IR) solution for security operations centers (SOC) and IR teams.

You can leverage turn-key Tines agents with Carbon Black and begin automating 'out-of-the-box'. We recommend creating dedicated Carbon Black API keys for use with Tines to ensure separation of duty.

Visit Carbon Black Docs ( ) or check out the Carbon Black API ( ) to see what endpoints you can access.

Tines + API

Tines is the automation engine for all your workflows. It enables you and your team to automate away manual tasks and create consistency with repeatable and reliable automated processes. With just a few simple building blocks you can rapidly automate a whole host of everyday tasks and workflows. Not only can you create your own agents but you benefit from the ongoing shared contributions of our analysts, engineers, and customers. Whether you leverage our prebuilt blocks or roll your own, it's simple to create actionable and repeatable outcomes that save you time and stress. This frees you up to work on more valuable and creative challenges. Tines is more than just a SoaR(Security Orchestration Automation and Response) platform or API tool, it's an engine that powers a whole range of processes, people, and workflows.

If there's an endpoint with an API, Tines can query it securely and correctly without using any apps, plugins, modules, or applets. As there is no need for coding or fragile scraping, Tines accelerates and empowers you to work smarter and more strategically. Irrespective of size or volume, it only takes minutes to leverage the Tines cloud. You can even deploy dedicated instances on your own infrastructure.

Escape from alert fatigue, standardize your workflows, and take back control by automating your processes, playbooks, and SOPs(Standard Operating Procedures) with simple drag-and-drop actions.

Visit Tines Docs for more information on agents, events, stories, credentials, globals, or administration. Even though you work from inside the graphical storyboarding tool, you can still access the Tines API if so desired for even deeper integrations.

You can also use powerful Liquid Templates and Filters throughout Tines (including in URLs, headers, credentials, or payloads).

Deep Dives

Check out the Tines Blog for more in-depth deep dives and novel uses.

More Help

If you have a question, comment, or suggestion just reach out!

Explore a quick workflow and begin your own automation story

Try it yourself

Related Integrations