Use Cases

Automating Carbon Black cloud solutions to detect suspicious CMD activity, investigate its' context, and respond with power automated shell commands via the Carbon Black Cloud Live Response integration.

Combines three Check Point products. Runs analysis of IOCs in SandBlast, enriches across ThreatCloud and additional sources, closes false positives, and updates NGFW's blocklists

The Use Case has a Connector and the Playbook that investigates the suspicious process on an employee's computer and its' context and responds to it via CrowdStrike Falcon.