We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Forensics is a valuable feature of Fortinet FortiEDR."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The stability is very good."
"It is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The most valuable features of CrowdStrike Falcon are the AI in detecting and real-time detections."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"Falcon's best feature is its detection and blocking of threats."
"Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"We can access computers remotely if we need to."
"It has the best live response feature."
"The threat analysis functionality is good."
"The tool is pretty stable."
"It actually does some heuristics, and some behavioral analysis."
"VMware Carbon Black Endpoint is a highly stable solution."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We'd like to see more one-to-one product presentations for the distribution channels."
"ZTNA can improve latency."
"The solution should address emerging threats like SQL injection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution is not stable."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CloudStrike."
"Unfortunately, native applications are not supported."
"The installation process for this software needs to be simplified."
"This solution could be improved with greater scope for admins to make changes to the solution."
"We'd like to see more integration capabilities."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"Carbon Black has limited capability to integrate with Rapid7."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"The initial setup is complex."
"It is difficult to extract reports for ongoing scans"
"The product's stability could be improved."
"The solution would be more effective if there was a way to block automatically based on behavior."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"The EDR portion could be better. I'm not a big fan, but it works."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 61 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.