This tutorial provides step-by-step instructions on how to integrate VMware Carbon Black with Workspace ONE Intelligence to enhance threat remediation and gain insightful threat data. The integration enables automation based on threats, allowing you to take actions against devices based on incoming threats reported by VMware Carbon Black Cloud.

Procedures included in this tutorial are:

1. Configuring the integration between Workspace ONE Intelligence and VMware Carbon Black to obtain threat insights.

2. Generating suspicious activities on the endpoint to create alerts and identify corresponding alerts in VMware Carbon Black and Workspace ONE Intelligence.

3. Creating custom dashboards for Carbon Black threats in Workspace ONE Intelligence.

4. Using automated workflows to quarantine devices based on incoming threats reported by VMware Carbon Black Cloud.

This tutorial is intended for IT professionals and security teams who want to enhance their threat remediation capabilities and gain deeper insights into threats. It assumes some knowledge of Workspace ONE Intelligence and VMware Carbon Black, but provides step-by-step instructions for each procedure.

The following updates were made to this guide:

* Added information on using automated workflows to quarantine devices based on incoming threats reported by VMware Carbon Black Cloud.

* Provided more details on how to create custom dashboards for Carbon Black threats in Workspace ONE Intelligence.

This tutorial was written by the VMware End-User Computing Technical Marketing team, and your feedback is valuable. To comment on this tutorial, please contact VMware End-User Computing Technical Marketing at euc_tech_content_feedback@vmware.com.