We compared SentinelOne Singularity Complete and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the reviews, SentinelOne Singularity Complete is praised for its easy setup process and user-friendly features, including agent deployment and AI capabilities. In contrast, VMware Carbon Black Endpoint may require more knowledge and experience. Carbon Black's MDR capability stands out among its features. Both products have areas for improvement, with SentinelOne needing enhancements in user-friendliness and stability, and Carbon Black requiring better node management and troubleshooting capabilities. Pricing for SentinelOne is considered reasonable, while Carbon Black is seen as more expensive. Customer support for both products receives mixed reviews.
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Ability to get forensics details and also memory exfiltration."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"NGAV and EDR features are outstanding."
"SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens on the weekend, SentinelOne steps in and resolves the issue. It's a false positive 97% of the time, but at least they're resolved instead of hanging around for us to find on Monday."
"The solution is powerful because we just have to update the agent by using the console, which is simple to do. I just select the endpoints and click "Update" on the console. That is it, because it is very easy to use."
"The visibility and, obviously, the protection aspects are second to none when it comes to speed. Another thing we fall back on is the option to roll back an endpoint if it is infected. There is a shadow copy so that if a PC downloads malicious content, we can roll it back to the state it was in before that package was imported."
"Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the information we need is already in SentinelOne. We can briefly analyze and even respond from one management console. If someone has SOC, using the API, they can control everything. It's very cool. I think this is the future."
"The most valuable features are asset tracking, patching, endpoint tagging, and policy updates."
"The deep visibility is a valuable feature. I can use it during threats or alert signals that we get. I can also use it when we have alert signals from other security tools that we have."
"The Ranger feature is valuable."
"I like the centralized management with the web dashboard."
"The tool is pretty stable."
"I feel that the initial setup was straightforward and not complex."
"I like its reporting."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The EDR and reports were helpful in improving our organization."
"The product enables device controls, helping us protect the devices and prevent data leakages."
"The solution is stable."
"Behavioral Monitoring stops known malicious events before they even begin."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"We find the solution to be a bit expensive."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The only minor concern is occasional interference with desired programs."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The solution is not stable."
"SentinelOne can improve by having better integration with Active Directory."
"They should train their own people so that they can train us better. The theory is good."
"One of the areas which would benefit from being improved is the policies. There are still software programs where we need to manually program in the policies to tell the system, "This program is legitimate." Some level of AI-based automation in creating those policies would go a long way in improving the amount of time it takes to deploy the system."
"In automation, if we could schedule when we run the task and on which systems we want to run the task, it would improve automation."
"Initially, when we first deployed the solution, it caused some third-party connectivity issues."
"Email security should also integrate with it to get more visibility on it."
"SentinelOne needs to improve its endpoint deployment process."
"My biggest complaint is that when you're logged into the console there is the Help section where you can review all the documentation. But when you log in to the support portal, there is documentation there as well. They need to sync those two into one place so that I don't have to search in two different locations for an answer."
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"I am not sure whether Carbon Black CB Defense can be considered as a stable solution or not."
"The solution needs expanded endpoint query tools."
"Its compatibility can be improved. It did crash a server during deployment, which is not something that I want to happen. Its deployment should also be easier. The whole deployment cycle needs to be simplified. It is an enterprise solution, and to set it up right now, you have to be an expert."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 177 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. SentinelOne Singularity Complete is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cynet, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our SentinelOne Singularity Complete vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Crowdstrike USPs compared to CB and SentinelOne:
1. Very powerful Machine Learning AV
2. Device Control
3. Vulanrablity Assessment ( Sentinel One have the partial capability )
4. AWS Partner Competency
5. Leaders and having a high rating in all major Analyst reviews
6. Automated Threat Intelligence
7. Customer satisfaction and retention
Do evaluate www.cynet.com and you will find that Cynet is way ahead in the way it does Continuous Breach protection and monitoring.
IMO, it depends on whether you have abilities to validate and/or correlate telemetries - these guys brings out quite a lot of telemetry alerts for you to work on...
Are you researching to buy or to resell?
SentinelOne has not been breached
SentinelOne is hands down my recommended solution.
SentinelOne has not been breached and offers upto $1,000,000 warranty if it cannot roll back a ransomware attack.
Please contact me at CyberSec@global.co.za for more information, a demonstration, or a quote.
Your reputation and your company's cyber security is in your hands - make an informed decision
They address slighty differing customer profiles, Crowdstrike has deep integrations to Okta, Sailpoint and others, where as SentinelOne has AI automation that outstrips the general use case associated to most threat detection elements.