We performed a comparison between ServiceNow Security Operations and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"Reduces time to closure and closure metrics for vulnerabilities."
"The solution is available over the cloud and is easy to manage."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"It's stable."
"The ease of use is great."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"The initial setup is pretty straightforward."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"I like its reporting."
"The most valuable feature of the solution stems from the support it provides."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The initial setup is difficult."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"It doesn't interact with things very well."
"This product should be cheaper."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"Sensor deployment requires extensive fine-tuning, and creating deployment packages is time-consuming."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
"The UI interface needs improvement. The management needs further work in future versions."
"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
More ServiceNow Security Operations Pricing and Cost Advice →
ServiceNow Security Operations is ranked 3rd in Security Incident Response with 15 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 62 reviews. ServiceNow Security Operations is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, IBM Resilient and Swimlane, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and Symantec Endpoint Security. See our ServiceNow Security Operations vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.