Publicly-reported techniques recorded as bypassing Carbon Black. Each entry is sourced to its original disclosure. This is a factual tally, maintained on the same basis for every vendor in the Index.
| Technique | Entries | High-confidence | Most recent |
|---|---|---|---|
| BYOVD (Vulnerable Driver) | 2 | 2 | 2025-07-31 |
| Disable or Modify Tools | 1 | 0 | 2023-06-01 |
| Masquerading | 1 | 1 | 2025-06-23 |
| Technique | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| BYOVD (Vulnerable Driver) | high | 2025-07-31 | cybersecuritynews.com | record → |
| Masquerading | high | 2025-06-23 | www.drtcyber.com | record → |
| Disable or Modify Tools | medium | 2023-06-01 | www.threatlocker.com | record → |
| BYOVD (Vulnerable Driver) | high | 2023-05-31 | www.bleepingcomputer.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file, not that a product is unaffected.