{"id":42003426,"url":"https://github.com/carbonblack/cbapi-python","last_synced_at":"2026-01-26T01:35:06.466Z","repository":{"id":5244126,"uuid":"52364316","full_name":"carbonblack/cbapi-python","owner":"carbonblack","description":"Carbon Black API - Python language bindings","archived":false,"fork":false,"pushed_at":"2024-08-22T18:39:26.000Z","size":10357,"stargazers_count":145,"open_issues_count":12,"forks_count":87,"subscribers_count":26,"default_branch":"master","last_synced_at":"2026-01-04T16:54:08.350Z","etag":null,"topics":["api-wrapper","app-control","audit-and-remediation","carbon-black-cloud","carbonblack","cb-defense","cb-liveops","cb-protection","cb-response","cb-threathunter","cbapi","edr","endpoint-standard","enterprise-edr","hosted-edr","python","python-bindings","supported"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/carbonblack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-02-23T14:21:22.000Z","updated_at":"2025-03-06T17:13:41.000Z","dependencies_parsed_at":"2024-03-13T00:28:07.843Z","dependency_job_id":"6522601a-c285-4b4b-8653-642def76785f","html_url":"https://github.com/carbonblack/cbapi-python","commit_stats":{"total_commits":826,"total_committers":66,"mean_commits":"12.515151515151516","dds":0.8595641646489104,"last_synced_commit":"32dd08d2185f7113f87834002e720db31c8c910e"},"previous_names":[],"tags_count":48,"template":false,"template_full_name":null,"purl":"pkg:github/carbonblack/cbapi-python","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carbonblack%2Fcbapi-python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carbonblack%2Fcbapi-python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carbonblack%2Fcbapi-python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carbonblack%2Fcbapi-python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/carbonblack","download_url":"https://codeload.github.com/carbonblack/cbapi-python/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carbonblack%2Fcbapi-python/sbom","scorecard":{"id":265504,"data":{"date":"2025-08-11","repo":{"name":"github.com/carbonblack/cbapi-python","commit":"550679c0847f1dc33fca5136a030a979b3944523"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.3,"checks":[{"name":"Code-Review","score":7,"reason":"Found 11/14 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/carbonblack/.github/SECURITY.md:1","Info: Found linked content: github.com/carbonblack/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/carbonblack/.github/SECURITY.md:1","Info: Found text in security policy: github.com/carbonblack/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2023-117 / GHSA-mrwq-x4v8-fh7p"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T11:55:10.936Z","repository_id":5244126,"created_at":"2025-08-17T11:55:10.937Z","updated_at":"2025-08-17T11:55:10.937Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28763969,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-26T00:37:26.264Z","status":"ssl_error","status_checked_at":"2026-01-26T00:37:25.959Z","response_time":113,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-wrapper","app-control","audit-and-remediation","carbon-black-cloud","carbonblack","cb-defense","cb-liveops","cb-protection","cb-response","cb-threathunter","cbapi","edr","endpoint-standard","enterprise-edr","hosted-edr","python","python-bindings","supported"],"created_at":"2026-01-26T01:35:05.079Z","updated_at":"2026-01-26T01:35:06.460Z","avatar_url":"https://github.com/carbonblack.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Python bindings for Carbon Black REST API\n\n**Latest Version: 2.0.0**\n\n_**Notice**:_\n* The Carbon Black Cloud portion of CBAPI has moved to https://github.com/carbonblack/carbon-black-cloud-sdk-python. Any future development and bug fixes for Carbon Black Cloud APIs will be made there. Carbon Black EDR and App Control will remain supported at CBAPI\n* Carbon Black EDR (Endpoint Detection and Response) is the new name for the product formerly called CB Response.\n* Carbon Black App Control is the new name for the product formerly called CB Protection.\n\nThese are the Python bindings for the Carbon Black EDR and App Control REST APIs.\nTo learn more about the REST APIs, visit the Carbon Black Developer Network Website at https://developer.carbonblack.com.\n\nPlease visit https://cbapi.readthedocs.io for detailed documentation on this API.\n\n## Support\n\n1. View all API and integration offerings on the [Developer Network](https://developer.carbonblack.com/) along with reference documentation, video tutorials, and how-to guides.\n2. Use the [Developer Community Forum](https://community.carbonblack.com/t5/Developer-Relations/bd-p/developer-relations) to discuss issues and get answers from other API developers in the Carbon Black Community.\n3. Report bugs and change requests to [Carbon Black Support](https://www.vmware.com/support/services.html).\n\n## Requirements\n\nThe cbapi package is designed to work on Python 2.6.6 and above (including 3.x). If you're just starting out,\nwe recommend using the latest version of Python 3.6.x or above.\n\nAll requirements are installed as part of `pip install`.\nThe legacy cbapi (`cbapi.CbApi`) and legacy bit9api (`cbapi.bit9Api`) are still compatible with Python 2.x only.\n\n## Backwards Compatibility\n\nBackwards compatibility with old scripts is maintained through the `cbapi.legacy` module. Old scripts that import\n`cbapi.CbApi` directly will continue to work.\n\nNew scripts should use the `cbapi.CbResponseAPI` (for EDR (CB Response)) and\n`cbapi.CbProtectionAPI` (for App Control (CB Protection)) API entry points.\n\n## Getting Started\n\nThere are two ways to get started:\n\n1. If you want to install the latest stable version of `cbapi`, simply install via `pip`:\n\n        pip install cbapi\n\n2. If you want to change cbapi itself, then you will want to install cbapi in \"develop\" mode.\nClone this repository, cd into `cbapi-python` then run setup.py with the `develop` flag:\n\n        python setup.py develop\n\n### Sample Code\n\nThere are several examples in the `examples` directory for both EDR and App Control.\nFor a quick start, see the following code snippets:\n\n**Carbon Black EDR**\n\n    from cbapi.response.models import Process, Binary, Sensor, Feed, Watchlist, Investigation\n    from cbapi.response.rest_api import CbEnterpriseResponseAPI\n\n    import logging\n    logging.basicConfig(level=logging.DEBUG)\n\n    c=CbEnterpriseResponseAPI()\n\n    # read the first four bytes of the notepad.exe associated with the first process instance of notepad running\n    c.select(Process).where('process_name:notepad.exe').first().binary.file.read(4)\n\n    # if you want a specific ID, you can put it straight into the .select() call:\n    binary = c.select(Binary, \"24DA05ADE2A978E199875DA0D859E7EB\")\n\n    # isolate all sensors who ran executable_name.exe\n    sensors = set()\n    for proc in c.select(Process).where('process_name:executable_name.exe'):\n        sensors.add(proc.sensor)\n\n    for s in sensors:\n        s.network_isolation_enabled = True\n        s.save()\n\n\n**Carbon Black App Control**\n\n    from cbapi.protection.models import *\n    from cbapi.protection.rest_api import CbEnterpriseProtectionAPI\n\n    p=CbEnterpriseProtectionAPI()\n\n    # Select the first file instance\n    fi = p.select(FileInstance).first()\n\n    # print that computer's hostname\n    fi.computer.name\n\n    # change the policy ID\n    fi.computer.policyId = 3\n    fi.computer.save()\n\n\n### API Token\n\nIn order to perform any queries via the API, you will need to get the API token for your CB user. See the documentation\non the Developer Network website on how to acquire the API token for\n[CB Response](http://developer.carbonblack.com/reference/enterprise-response/authentication/) or\n[CB Protection](http://developer.carbonblack.com/reference/enterprise-protection/authentication/).\n\nOnce you acquire your API token, place it in one of the default credentials file locations:\n\n* ``/etc/carbonblack/``\n* ``~/.carbonblack/``\n* ``/current_working_directory/.carbonblack/``\n\nFor distinction between credentials of different Carbon Black products, use the following naming convention for your credentials files:\n\n* ``credentials.response`` for EDR (CB Response)\n* ``credentials.protection`` for App Control (CB Protection)\n\nFor example, if you use a Carbon Black Cloud product, you should have created a credentials file in one of these locations:\n\n* ``/etc/carbonblack/credentials.response``\n* ``~/.carbonblack/credentials.response``\n* ``/current_working_directory/.carbonblack/credentials.response``\n\nCredentials found in a later path will overwrite earlier ones.\n\nThe credentials are stored in INI format. The name of each credential profile is enclosed in square brackets, followed\nby key-value pairs providing the necessary credential information::\n\n    [default]\n    url=https://localhost\n    token=abcdef0123456789abcdef\n    ssl_verify=False\n\n    [prod]\n    url=https://cbserver.prod.corp.com\n    token=aaaaaa\n    ssl_verify=True\n\n    [otheruser]\n    url=https://localhost\n    token=bbbbbb\n    ssl_verify=False\n\nThe possible options for each credential profile are:\n\n* **url**: The base URL of the Carbon Black server. This should include the protocol (https) and the hostname, and nothing else.\n* **token**: The API token for the user ID. More than one credential profile can be specified for a given server, with\n  different tokens for each.\n* **ssl_verify**: True or False; controls whether the SSL/TLS certificate presented by the server is validated against\n  the local trusted CA store.\n* **org_key**: The organization key. This is required to access the Carbon Black Cloud, and can be found in the console. The format is ``123ABC45``.\n* **proxy**: A proxy specification that will be used when connecting to the CB server. The format is:\n  ``http://myusername:mypassword@proxy.company.com:8001/`` where the hostname of the proxy is ``proxy.company.com``, port\n  8001, and using username/password ``myusername`` and ``mypassword`` respectively.\n* **ignore_system_proxy**: If you have a system-wide proxy specified, setting this to True will force cbapi to bypass\n  the proxy and directly connect to the CB server.\n\nFuture versions of cbapi may provide the ability to \"pin\" the TLS certificate so as to provide certificate\nverification on self-signed or internal CA signed certificates.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarbonblack%2Fcbapi-python","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcarbonblack%2Fcbapi-python","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarbonblack%2Fcbapi-python/lists"}