Login
      Contents x
      Surveyor
      • 23 May 2024
      • 1 Minute to read
      • PDF
      Contents

      Surveyor

      • Updated on 23 May 2024
      • 1 Minute to read
      • PDF
      Article summary

      Surveyor is a Python utility that queries Endpoint Detection and Response (EDR) products and summarizes the results. Security and IT teams can use Surveyor to baseline their environments and identify abnormal activity.

      For a complete picture of Surveyor and its various offerings, visit the official website.

      Analyze your endpoints

      Surveyor uses both definition files and pre-built queries to run searches across an environment and provide insights into what applications or activities exist within an enterprise, who is using them, and how.

      Surveyor currently supports the following EDR platforms:

      • Cortex XDR

      • Microsoft Defender for Endpoint

      • SentinelOne

      • VMware Carbon Black EDR (formerly Carbon Black Response)

      • VMware Carbon Black Cloud Enterprise EDR (formerly Carbon Black Cloud Threat Hunter)

      You can find out more about Surveyor from this blog post.

      Get started

      For information about installing and using Surveyor, see the Getting started page of the wiki. Surveyor requires Python 3.9+.

      Contribute to Surveyor

      We encourage and welcome your contributions to Surveyor. For more information, see the Contributing to Surveyor page of the wiki.

      Was this article helpful?
      What's Next
      PRODUCTS
      USE RED CANARY
      SUPPORT
      Change password!
      Changing your password will log you out immediately. Use the new password to log back in.
      Change profile
      Success!
      First name must have atleast 2 characters. Numbers and special characters are not allowed.
      Last name must have atleast 1 characters. Numbers and special characters are not allowed.
      Enter a valid email
      Enter a valid password
      Your profile has been successfully updated.
      Logout