We performed a comparison between IBM Resilient and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The product is very good at incident response."
"It is a stable solution...It is a scalable solution."
"It's really simple and has a flexible interface."
"The solution is very easy to use."
"Its flexibility is the most valuable."
"The most valuable features of IBM Resilient are its flexibility and customization options for incident response."
"The solution is simple to use and to integrate with IBM QRadar."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"The detection response and quarantining are very good features."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The tool needs to improve its documentation on license scripts."
"IBM Resilient is quite complex, including its configuration."
"The response time of the support is an area of concern where improvements are required."
"Its price needs improvement."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"It is not very straightforward to set up custom integrations, especially with services like Azure. You need an additional server for integration."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"The product needs a bit more development."
"Additionally, it is complex to use, and the pricing should be improved."
"The solution can only handle about 500 bans or blocks."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"One area for improvement is the maturity of its vulnerability features."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
IBM Resilient is ranked 4th in Security Incident Response with 17 reviews while VMware Carbon Black Cloud is ranked 3rd in Security Incident Response with 18 reviews. IBM Resilient is rated 7.6, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, IBM Security QRadar and Fortinet FortiSOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Rapid7 InsightIDR and Splunk SOAR. See our IBM Resilient vs. VMware Carbon Black Cloud report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.