We compared Microsoft Defender for Endpoint and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: The reviews suggest that Microsoft Defender for Endpoint is commended for its simple installation process, seamless integration with Windows, and effective detection and correlation of threats. However, it may suffer from a lack of clarity in its licensing model and limitations in its user interface, security features, and customization options. On the other hand, VMware Carbon Black Endpoint may present a more challenging initial setup and higher pricing. Nevertheless, it offers advanced functionalities, robust protection against attacks, extensive integration possibilities, and a highly acclaimed EDR capability. It is noted that improvements are needed in terms of management, graphical user interface, compatibility, and technical support. Overall, both products possess their individual strengths and weaknesses.
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The product detects and blocks threats and is more proactive than firewalls."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet is very user-friendly for customers."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"One of the main features is the solution is very light on resources and we do not have any problems with it."
"I like that Defender is integrated and doesn't have a third-party payload trying to advertise subscription renewal."
"DFE organizational security posture has been a positive experience. We're a Microsoft house. It works. Once it's deployed and once it's configured, it works and our clients tend to be happy with it. I haven't really experienced anyone who has been so unsatisfied with the platform that they wanted to go a couple of different directions, that has never happened to me."
"Its simplicity is the most valuable. It also has very good integration. We like it."
"The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system."
"The antivirus is the most valuable feature."
"There are a couple of features, such as isolating the devices or connecting the device and connecting live response."
"It is already integrated with Windows 10, so you don't need to worry about that."
"The visibility provided has been great."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"We can access computers remotely if we need to."
"It uses machine learning and behavioral analytics for advanced threat detection and response."
"The tool is pretty stable."
"The initial setup is pretty straightforward."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"I found the offline scanning to be particularly useful."
"The solution should address emerging threats like SQL injection."
"The dashboard isn't easy to access and manage."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Making the portal mobile friendly would be helpful when I am out of office."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"If they integrate with the EDR then it will benefit this solution."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"The management console is something that can be improved."
"The solution could be more friendly for end-users, with different type of scans or scheduled scans for it."
"They should come up with pre-built inner workflows."
"The product itself does not necessarily need improvement, but the support and implementation of the product are the disaster cases."
"I would like to see improvements made to how it secures activities on web pages."
"Sometimes, there are different skews. In a basic skew, they should have basic log analysis without the need to integrate with any third-party or SIEM solutions, like Sentinel. This would make it so much easier for users who don't have log collection or log analysis."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"The feature set for the firewall needs improvement."
"Carbon Black has limited capability to integrate with Rapid7."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"Report generation can be improved."
"The solution needs better overall compatibility with other products."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.