We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"The product's initial setup phase is very easy."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Ability to get forensics details and also memory exfiltration."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The setup is pretty simple."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"It provides very good protection and the ability to crosscheck environments."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The solution is silent and sits on your system as one single agent."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"The most valuable features are the complete IPS and IDS."
"The most valuable feature is its threat analysis."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The initial setup is very easy."
"I like the historical features, interface, and integration."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"Behavioral Monitoring stops known malicious events before they even begin."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"The product allows us to focus on endpoint and antivirus protection."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The support needs improvement."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution is not stable."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Falcon could include more integrative features."
"There is room for improvement in managing multiple customer IDs."
"The performance could be better."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"Some of Falcon's features are a bit pricey."
"CrowdStrike should add support for ransomware protection."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"I would like to see improvements made so that we can better see all of the processes."
"The product's stability could be improved."
"The EDR portion could be better. I'm not a big fan, but it works."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"The feature set for the firewall needs improvement."
"The endpoint machines need improvement."
"The application control can be improved. It should also have an automatic update of the agents."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.