We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"NGAV and EDR features are outstanding."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"This is stable and scalable."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"The stability is very good."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"It's very easy to set up."
"Easy to use, intelligent, and stable threat detection software."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"I like its reporting."
"I found the offline scanning to be particularly useful."
"I like its protection very much. It protects and allows us to lock the environment pretty tightly. Nothing that is not approved through Carbon Black can run in the environment. There is no default. Everything goes through Carbon Black Protect, and everything has to be first approved. Every software is considered to be guilty before prove innocent."
"The most valuable asset is the time-lining capability for any breach activity."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"Carbon Black has very good market strategies."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"ZTNA can improve latency."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Detections could be improved."
"The portal can be clunky to navigate at times and has room for improvement."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"The performance could be better."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"The ability to receive text alerts natively in the console would be kind of cool."
"The Integration with tools, SOC tools, could be better."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"This solution could have greater granular control on how certain applications work."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"The local technical support is very poor, but the support from headquarters is very nice."
"The feature set for the firewall needs improvement."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"Performing a malware scan usually takes a lot of time, more than 24 hours."
"The endpoint machines need improvement."
"The solution needs expanded endpoint query tools."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.