We performed a comparison between Rapid7 InsightIDR and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet is very user-friendly for customers."
"The solution was relatively easy to deploy."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Simple configuration and automatically syncs to the cloud platform."
"The solution is easy to use, and the interface is intuitive."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"The solution is very stable and works very well for what I need it to do."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"The UI is very good."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"The solution's initial setup is easy."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"The most valuable features are the threat-hunting and the batch console."
"The detection response and quarantining are very good features."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The support needs improvement."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"ZTNA can improve latency."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution should address emerging threats like SQL injection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Cannot be used on mobile devices with a secure connection."
"They should add more configuration and security features to it."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"Needs a better ability to customize the check within the console."
"The main problem lies in the processes within the client's operating systems."
"Lacks a mobile application."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"The APIs can be further improved in Rapid7."
"Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps."
"The cloud console has a lot of bugs and issues in the analysis part."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"The solution can only handle about 500 bans or blocks."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
Rapid7 InsightIDR is ranked 21st in Endpoint Detection and Response (EDR) with 30 reviews while VMware Carbon Black Cloud is ranked 27th in Endpoint Detection and Response (EDR) with 18 reviews. Rapid7 InsightIDR is rated 8.4, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR and Splunk SOAR. See our Rapid7 InsightIDR vs. VMware Carbon Black Cloud report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.