We compared Microsoft Defender for Endpoint and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: The reviews suggest that Microsoft Defender for Endpoint is commended for its simple installation process, seamless integration with Windows, and effective detection and correlation of threats. However, it may suffer from a lack of clarity in its licensing model and limitations in its user interface, security features, and customization options. On the other hand, VMware Carbon Black Endpoint may present a more challenging initial setup and higher pricing. Nevertheless, it offers advanced functionalities, robust protection against attacks, extensive integration possibilities, and a highly acclaimed EDR capability. It is noted that improvements are needed in terms of management, graphical user interface, compatibility, and technical support. Overall, both products possess their individual strengths and weaknesses.
"The most valuable feature is the analysis, because of the beta structure."
"The product detects and blocks threats and is more proactive than firewalls."
"The solution was relatively easy to deploy."
"This is stable and scalable."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The stability is very good."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet is very user-friendly for customers."
"The installation is straightforward."
"Microsoft Defender for Endpoint is extremely stable."
"It's not really visible for the user - which is a benefit."
"This software is easy to use."
"It comes included with the Windows license."
"It is a very advanced system based on AI. It has a very large database of places or sites on the internet where you should not go. It is continuously online."
"Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features."
"The solution can scale as needed."
"It is a very complete platform."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"We can access computers remotely if we need to."
"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs."
"The solution is very useful and easy to handle. You don't need much intervention with this product."
"The product allows us to focus on endpoint and antivirus protection."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"The triage feature that shows you the whole chain of the malware is useful."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution is not stable."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The only minor concern is occasional interference with desired programs."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Cannot be used on mobile devices with a secure connection."
"The anti-ransomware features need to be improved upon."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"Notifications are always popping up — I hate that."
"They should come up with pre-built inner workflows."
"The solution should be updated by Microsoft with new features from time to time."
"There are likely some technical improvements or features that could be added, however, I cannot say, off the top of my head, what they would be."
"Microsoft support could be more knowledgeable."
"Needs improvement in the area of infrastructure for on-premise installation."
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
"The support is poor."
"It would be nice to have additional forensic tools that you can build into the back end."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"The EDR portion could be better. I'm not a big fan, but it works."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and ESET Endpoint Protection Platform, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.