Please upgrade your Carbon Black sensor to the latest version 22.214.171.124124. This version seems to be stable even on 10.13.4 Beta. I've tested the agent on 10.11.6, 10.12.6, 10.13.3 and 10.13.4 (Beta) with all the Apple Security updates installed. Older agents must be removed first before proceeding with new installation.
Carbon black has a built-in removal uninstaller script
@bbracey In our initial testing, CB version 6.1.3 resolves this. However, any prior version of CB on the device has to be removed before 6.1.3 is installed. If you do an upgrade in place to this newer version, CB will still cause kernel panics with 2018-001.
Single policy removes CB version *old and then installs 6.1.3.
Once 6.1.3 is installed the devices fall into a smart group looking for that version.
Security 2018-001 is scoped against that smart group so it installs once 6.1.3 is in place.
You have to either remove the CB Sensor in safe mode, or install a version compatible with the Security Update. If you have a machine experiencing the issue, boot to safe mode, then run the uninstaller.
I got in touch with one of our security guys and they passed along a version of carbon black that was compatible, a recent release. We've not rolled it out yet but I put it on a test machine with 10.13.1 and was successfully able to upgrade to 10.13.3 with no issues.
Hope that helps.
InfoSec leaders often mandate the use of 3rd party security agents on macOS.
It is important to regularly audit the effectiveness of each security agent.
In other words, ask the team(s) responsible for each security agent to provide a monthly report for Mac systems.
What has the security agent caught or prevented? This info can help build a valid argument against using multiple 3rd party security agents.