Carbon Black EDR on-premises: Migration of cloud services used to provide threat intelligence from AWS to GCP

Carbon Black EDR on-premises threat intelligence feeds and endpoint process binary data stored in the cloud will be migrated from AWS to Google Cloud Platform (GCP).

Timing

The maintenance window will run on October 08, 2025. All maintenance will occur between 03:30 UTC and 13:30 UTC.

Required Action

To ensure uninterrupted access to threat intelligence feeds and threat analysis services, on-premises Carbon Black EDR customers with restrictive firewall rules (default deny) must allow list the following IP address no later than October 06, 2025:

• 35.196.247.169

This change ensures that the Carbon Black EDR server can continue to communicate with cloud services for enhanced detection, visibility, and analysis.

Please refer to this article for any further information: Migration of Carbon Black EDR Cloud Services from AWS to GCP (Alliance IP Change)

Impacted DNS Names

The following DNS names will be resolved to the above IP address once we migrate to GCP:

• threatintel.bit9.com
• intel.threatintel.carbonblack.io
• api.alliance.carbonblack.com

Support

For further details or assistance, please contact Broadcom ESG Support.