VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.
The most valuable features of VMware Carbon Black Endpoint are its live response, offline scanning, continuous monitoring and threat detection, log analysis, cloud-based usage for remote devices, granular policy control, and API for remote access and automation.
Users also commented on its sandboxing capabilities, application control, threat intelligence library, ongoing monitoring, whitelisting and approval process, integration with other security solutions, MDR capability for log analysis and response and blocking of vulnerable sites.
The solution is easy to use and offers a complete platform with strong security features.
The reviews indicate several areas where VMware Carbon Black Endpoint can be improved. Some of the key areas for improvement include:
1. Container and cloud security: The solution lacks maturity in terms of Kubernetes security and security for Linux and Mac. There is a need for stronger security measures in container and cloud environments.
2. Support and response time: The support and service team needs improvement in terms of faster response time. Work orders are taking more than two months to get resolved, causing disruptions to businesses.
3. Compatibility issues: There are compatibility issues between Carbon Black CB Defense and operating systems. Certain operating systems are not supported, hindering the installation process. Fine-tuning the deployment of sensors is also time-consuming.
4. User interface and reporting: The user interface could be more intuitive and provide better visibility for users. Additionally, there is a need for more comprehensive and customizable reporting features.
5. Automation and integration: The solution could benefit from additional automation features and better integration with other tools and platforms.
6. Investigative capabilities: The solution lacks a search bar for investigating alerts, leading to manual checking of numerous events. AI-related tasks and stronger AI capabilities would be helpful in identifying malicious activity.
7. Tenant management and GUI improvements: Making changes at the tenant level should be made easier, such as renaming or modifying tenants. The GUI could be improved to provide easier troubleshooting and a playback feature for better analysis.
8. Pricing and market penetration: The pricing of the solution could be more reasonable, and the solution should work towards penetrating new markets and gaining more customers.
9. Performance impact: The client's performance can be impacted when the solution is installed, and there is a need for better visibility for users.
10. Reporting and endpoint query tools: The built-in reporting could be improved, and there is a need for expanded endpoint query tools within the solution.
Reviewers provided mixed feedback regarding the ROI of VMware Carbon Black. Some have observed a positive ROI. Others stated that it is too early to determine the ROI. Many highlighted the subjectivity of calculating ROI for an antivirus.
VMware Carbon Black Endpoint features a transparent pricing structure typically devoid of setup costs, streamlining the implementation process for users. Pricing methods commonly involve a per-endpoint subscription model, ensuring flexibility to tailor investments according to organizational needs. Costs vary depending on the number of endpoints, catering to diverse budgetary considerations.
The primary use case of VMware Carbon Black Endpoint is threat detection, endpoint protection, and incident response. It is used for converged networks, firewalls, antivirus, EDR (Endpoint Detection and Response), application control, and providing threat intelligence to SOC (Security Operations Center).
The solution is deployed on-premises and on the cloud, and it is used for investigating malware outbreaks, monitoring products, detecting small malware, vulnerabilities, and scanning in real-time, ongoing monitoring, and security functionality.
It can also be used to manage multiple endpoints, isolate, repair, or remediate attacked machines and detect and respond to attacks on endpoints.
VMware Carbon Black has received mixed reviews in terms of support. Some users found the customer service team to be responsive and quick in their responses. The technical support was described as nice and available 24/7. On the other hand, there were complaints about the customer service and support team being slow in responding to queries and not knowledgeable enough.
The initial setup for VMware Carbon Black Endpoint was generally straightforward and simple. Some users mentioned that it was easy and didn't take much time, while others mentioned that it required a bit of technical knowledge and expertise.
The deployment time varied depending on the size of the environment and the number of endpoints, ranging from a few hours to several months.
Some users had minor issues during setup yet were able to resolve them easily.
VMware Carbon Black Endpoint is generally considered to be scalable by the reviewers. That said, some reviewers highlight that proper deployment is crucial for scalability. The solution is described as scalable and suitable for medium to large companies, particularly those in regulated environments or with a strong focus on security.
The stability of the VMware Carbon Black Endpoint solution is generally considered to be good. Users rate it between seven and nine out of ten, indicating that it is reliable and holds up well. Some users mention occasional stability issues, however, overall, the solution is described as stable and without major bugs or glitches.
Modernize Your Endpoint Protection
Legacy approaches to prevention leave organizations exposed. Get an endpoint platform that helps you strengthen and unify security tools to see more and stop more.
Simplify Your Security Stack
By simplifying endpoint security capabilities with one endpoint agent and console, you can minimize downtime, respond to incidents and return critical CPU cycles back to the business.
Operate with Confidence
Modern environments are increasingly complex. VMware Carbon Black is a single source of truth that provides an intuitive understanding of your environment, enabling confident decisions.
VMware Carbon Black Endpoint was previously known as Carbon Black CB Defense, Bit9, Confer.
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America