We performed a comparison between SECDO Platform and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have FortiEDR installed on all our systems. This protects them from any threats."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ease of deployment is a valuable feature."
"It basically automates the entire alert investigation process."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"They're highly stable in comparison with other solutions I have."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The solution does very well as a baseline EDR and provides good process-level management."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I haven't seen the use of AI in the solution."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The solution should address emerging threats like SQL injection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Maybe the notifications setting could use a simpler setting."
"The price should be reduced in order to be more competitive in the market."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The cloud console has a lot of bugs and issues in the analysis part."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"Additionally, it is complex to use, and the pricing should be improved."
"One area for improvement is the maturity of its vulnerability features."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The solution's support could be improved."
Earn 20 points
SECDO Platform is ranked 10th in Security Incident Response while VMware Carbon Black Cloud is ranked 3rd in Security Incident Response with 18 reviews. SECDO Platform is rated 9.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". SECDO Platform is most compared with Fortinet FortiSOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Rapid7 InsightIDR and Splunk SOAR. See our SECDO Platform vs. VMware Carbon Black Cloud report.
See our list of best Security Incident Response vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.