We performed a comparison between Carbon Black CB Defense and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Carbon Black comes out on top in this comparison because more of its users find deployment easier than Cortex XDR. In addition, users of Carbon Black report a positive ROI.
"The most valuable feature is the analysis, because of the beta structure."
"The setup is pretty simple."
"The product's initial setup phase is very easy."
"Ability to get forensics details and also memory exfiltration."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"I get alerts when scripts are detected in the environment."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is easy to use."
"The integrations are out-of-the-box, as are the playbooks."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"Being a cloud solution, it is very flexible in serving internal and external connections and a broad range of devices."
"The initial setup is pretty easy."
"The initial setup is easy."
"The tool's use cases are relevant to security."
"The most valuable for us is the correlation feature."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"Behavioral Monitoring stops known malicious events before they even begin."
"The solution is extremely scalable."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"I like its reporting."
"I found it very valuable as a whole. It is good at detecting anything and has kept us very safe. It is also very easy to use."
"The EDR and reports were helpful in improving our organization."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"ZTNA can improve latency."
"Intelligence aspects need improvement."
"Making the portal mobile-friendly would be helpful when I am out of office."
"The solution is not user-friendly."
"We find the solution to be a bit expensive."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"I would like to see them include NDR (Network Detection Response)."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"Managing the product should be easier."
"The solution could improve by providing better integration with their own products and others."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"Sensor deployment requires extensive fine-tuning, and creating deployment packages is time-consuming."
"The GUI and reporting should be addressed and the product's administration features need fine-tuning."
"The feature set for the firewall needs improvement."
"The solution needs better overall compatibility with other products."
"Adding an application and a device control feature would be a great help for this solution."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
"Integration is difficult, but CB Defense is more powerful than others. It is difficult to implement but easy to pick up many detections."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 62 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and Tanium.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.