We performed a comparison between SECDO Platform and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."Ability to get forensics details and also memory exfiltration."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ease of deployment is a valuable feature."
"The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation."
"The most valuable feature of the solution stems from the support it provides."
"Carbon Black Cb Defense has a nice component called Alert Triage. It contains full details of the process execution "kill chain" and "go live" for immediate remediation."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"The initial setup was fairly easy."
"The product is pretty strong in terms of security and their features are very good in that respect."
"The visibility provided has been great."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution is not stable."
"Detections could be improved."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Maybe the notifications setting could use a simpler setting."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The price should be reduced in order to be more competitive in the market."
"Report generation can be improved."
"There is room for improvement in the support and service team."
"The local technical support is very poor, but the support from headquarters is very nice."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"Its compatibility can be improved. It did crash a server during deployment, which is not something that I want to happen. Its deployment should also be easier. The whole deployment cycle needs to be simplified. It is an enterprise solution, and to set it up right now, you have to be an expert."
"I am not sure whether Carbon Black CB Defense can be considered as a stable solution or not."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
Earn 20 points
SECDO Platform is ranked 9th in Security Incident Response while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 61 reviews. SECDO Platform is rated 9.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". SECDO Platform is most compared with Fortinet FortiSOAR and Palo Alto Networks Cortex XSOAR, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks.
See our list of best Security Incident Response vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.