We performed a comparison between Trellix Endpoint Detection and Response (EDR) and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"I get alerts when scripts are detected in the environment."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"The product detects and blocks threats and is more proactive than firewalls."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"This is stable and scalable."
"The product is user-friendly."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"This is a stable product."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"The most valuable feature is that it detects and stops malicious executables."
"The product allows us to focus on endpoint and antivirus protection."
"The triage feature that shows you the whole chain of the malware is useful."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"It has intelligent learning behind it and we have been very successful in preventing attacks."
"The solution is very useful and easy to handle. You don't need much intervention with this product."
"It has the best live response feature."
"We'd like to see more one-to-one product presentations for the distribution channels."
"FortiEDR can be improved by providing more detailed reporting."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Intelligence aspects need improvement"
"It takes about two business days for initial support, which is too slow in urgent situations."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"Trellix does not support Linux and Mac."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"The CPU utilization of the product is quite high compared to its competitors."
"The graphical view for nodes must be increased."
"The endpoints and utilization are too high, which impacts the production activity."
"The console has a lot of bugs, and it creates many issues."
"The UI interface needs improvement. The management needs further work in future versions."
"CB Defense could be more compatible with Linux, and its cloud provision could be improved."
"This solution could have greater granular control on how certain applications work."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"The solution needs better overall compatibility with other products."
"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."
"A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews while VMware Carbon Black Endpoint is ranked 12th in Endpoint Detection and Response (EDR) with 62 reviews. Trellix Endpoint Detection and Response (EDR) is rated 7.4, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Microsoft Defender for Endpoint, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Detection and Response (EDR) vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.