We performed a comparison between IBM Resilient and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable thing about it is how easy it is to navigate the user interface."
"Its flexibility is the most valuable."
"The solution is easy to use."
"It's really simple and has a flexible interface."
"The solution is reliable in our usage."
"The solution is simple to use and to integrate with IBM QRadar."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The solution is very easy to use."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"The most valuable features are the threat-hunting and the batch console."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"Integration and scalability are the most valuable."
"They're highly stable in comparison with other solutions I have."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"The integration could be improved so that it is easy to integrate with other solutions."
"IBM Resilient is quite complex, including its configuration."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The product needs a bit more development."
"The tool needs to improve its documentation on license scripts."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"The product must provide more integration with other tools."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"The threat intelligence feed could use some fine tweaking."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
IBM Resilient is ranked 4th in Security Incident Response with 17 reviews while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. IBM Resilient is rated 7.6, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and IBM Security QRadar, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Splunk SOAR and Rapid7 InsightIDR. See our IBM Resilient vs. VMware Carbon Black Cloud report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.