We performed a comparison between Rapid7 InsightConnect and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."We are able to deploy within half an hour and we only require one person to complete the implementation."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Sentinel pricing is good"
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The analytic rule is the most valuable feature."
"The tool is stable. The initial setup is straightforward. The product is user-friendly."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"The solution does very well as a baseline EDR and provides good process-level management."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The reporting could be more structured."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The technical support should be improved."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The solution's support could be improved."
"The threat intelligence feed could use some fine tweaking."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"The solution can only handle about 500 bans or blocks."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
Rapid7 InsightConnect is ranked 23rd in Security Orchestration Automation and Response (SOAR) with 2 reviews while VMware Carbon Black Cloud is ranked 3rd in Security Incident Response with 18 reviews. Rapid7 InsightConnect is rated 8.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Rapid7 InsightConnect writes "Excellent security orchestration and automation AI features". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". Rapid7 InsightConnect is most compared with Palo Alto Networks Cortex XSOAR, ThreatConnect Threat Intelligence Platform (TIP), CrowdStrike Falcon and Splunk SOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Rapid7 InsightIDR and Splunk SOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.