We performed a comparison between ServiceNow Security Operations and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"The product has a very simple UI."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"The ease of use is great."
"Reduces time to closure and closure metrics for vulnerabilities."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs."
"It has intelligent learning behind it and we have been very successful in preventing attacks."
"The EDR and reports were helpful in improving our organization."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"The visibility provided has been great."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"The initial setup is difficult."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"The threat intelligence module needs a better dashboard."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The solution has to mature on container security and a lot of cloud environment security."
"The product's reporting capabilities are an area of concern where improvements are required."
"This product should be cheaper."
"This solution could have greater granular control on how certain applications work."
"I would like to see improvements made so that we can better see all of the processes."
"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"Integration is difficult, but CB Defense is more powerful than others. It is difficult to implement but easy to pick up many detections."
More ServiceNow Security Operations Pricing and Cost Advice →
ServiceNow Security Operations is ranked 3rd in Security Incident Response with 14 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 61 reviews. ServiceNow Security Operations is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, IBM Resilient and Swimlane, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Symantec Endpoint Security. See our ServiceNow Security Operations vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.