We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"Ability to get forensics details and also memory exfiltration."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The solution was relatively easy to deploy."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The most valuable feature is the analysis, because of the beta structure."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The threat intelligence is the most valuable feature."
"The solution can scale easily."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The triage feature that shows you the whole chain of the malware is useful."
"VMware Carbon Black Endpoint is a highly stable solution."
"The solution is very useful and easy to handle. You don't need much intervention with this product."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"Behavioral Monitoring stops known malicious events before they even begin."
"The most valuable asset is the time-lining capability for any breach activity."
"It has the best live response feature."
"It gives you all of the information in a short and sweet fashion."
"The only minor concern is occasional interference with desired programs."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The solution should address emerging threats like SQL injection."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Making the portal mobile friendly would be helpful when I am out of office."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Cannot be used on mobile devices with a secure connection."
"The SIEM could be improved."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"There are some areas where some customers would prefer a different service."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"The Integration with tools, SOC tools, could be better."
"We'd like to see more integration capabilities."
"Falcon could include more integrative features."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"The product's reporting capabilities are an area of concern where improvements are required."
"The solution has to mature on container security and a lot of cloud environment security."
"There is room for improvement in the support and service team."
"There's some disparity between the on-premise and the cloud type of application."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"Carbon Black has limited capability to integrate with Rapid7."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 62 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security, Symantec Endpoint Security and Cisco Secure Endpoint. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.