We compared SentinelOne Singularity Complete and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the reviews, SentinelOne Singularity Complete is praised for its easy setup process and user-friendly features, including agent deployment and AI capabilities. In contrast, VMware Carbon Black Endpoint may require more knowledge and experience. Carbon Black's MDR capability stands out among its features. Both products have areas for improvement, with SentinelOne needing enhancements in user-friendliness and stability, and Carbon Black requiring better node management and troubleshooting capabilities. Pricing for SentinelOne is considered reasonable, while Carbon Black is seen as more expensive. Customer support for both products receives mixed reviews.
"The solution was relatively easy to deploy."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The stability is very good."
"The setup is pretty simple."
"I get alerts when scripts are detected in the environment."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"Their platform is really easy to work with."
"The product is a lighter client. Our previous solution ran heavy on the workstation and caused performance issues."
"The most valuable features include the agent installation and update processes."
"It is purely cloud-based, meaning you don't need to have something installed, such as a server on-prem. You have cloud management and can access it from anywhere, with integration with SSO, with one click. It's also very lightweight."
"We opted for SentinelOne because it gives you visibility and control over all the devices on which you have the agent deployed. That is very valuable because, in the end, all the attacks enter only through one gateway, which is usually a user's computer."
"SentinelOne is very simple to install and very simple to manage. It's very aggressive, so it does protection well, and it seems to be stopping attacks that other solutions cannot."
"The ability to quickly and easily identify threats on our machines is valuable. The fact that it protects the environment as a whole is also valuable. They have the ability to identify network nodes, and they have Ranger as a component of the solution that allows us to see the whole picture. We can see on what we have SentinelOne and on what we do not."
"I found it very valuable as a whole. It is good at detecting anything and has kept us very safe. It is also very easy to use."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The solution is extremely scalable."
"The portal is easy to use and manage."
"I like the historical features, interface, and integration."
"The initial setup was fairly easy."
"It actually does some heuristics, and some behavioral analysis."
"Carbon Black Cb Defense has a nice component called Alert Triage. It contains full details of the process execution "kill chain" and "go live" for immediate remediation."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Making the portal mobile friendly would be helpful when I am out of office."
"The solution should address emerging threats like SQL injection."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Detections could be improved."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I'd like to see more documentation."
"Security could always be better."
"I would like to have firewall functionality within SentinelOne Singularity Complete."
"There is an area of improvement is agent health monitoring, which would give us the ability to cap and manage resources used by the SentinelOne agent. We had issues with this in our environment. We reached out to SentinelOne about it, and they were very prompt in adding it into their roadmap."
"While SentinelOne Singularity Complete effectively visualizes security data across our solutions, requiring extensive manual effort for analysis limits its effectiveness. I would therefore rate it a seven out of ten."
"It's good on Linux, and Windows is pretty good except that the Windows agents sometimes ask for a lot of resources on the endpoints. That could be in the fine-tuning for scanning. In Mac, they are complaining about the same problems, that it's using a lot of resources, but that could also be that we have to configure what it is scanning and what it should not scan. Currently it scans everything."
"There are features that I would like them to add. They have little to do with endpoint protection, but if they could add encryption and DLP on, it would make it even better."
"The product must provide the ability to update applications from the SentinelOne Management Console."
"In the next release, it would help if we can get better control over containers."
"The EDR portion could be better. I'm not a big fan, but it works."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"Adding an application and a device control feature would be a great help for this solution."
"It would be nice to have additional forensic tools that you can build into the back end."
"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."
"They will most likely need to create or include a feature that checks the network."
"The solution would be more effective if there was a way to block automatically based on behavior."
More SentinelOne Singularity Complete Pricing and Cost Advice →
SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 177 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 62 reviews. SentinelOne Singularity Complete is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, ThreatLocker Protect and Cortex XDR by Palo Alto Networks, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, Symantec Endpoint Security and Cisco Secure Endpoint. See our SentinelOne Singularity Complete vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Crowdstrike USPs compared to CB and SentinelOne:
1. Very powerful Machine Learning AV
2. Device Control
3. Vulanrablity Assessment ( Sentinel One have the partial capability )
4. AWS Partner Competency
5. Leaders and having a high rating in all major Analyst reviews
6. Automated Threat Intelligence
7. Customer satisfaction and retention
Do evaluate www.cynet.com and you will find that Cynet is way ahead in the way it does Continuous Breach protection and monitoring.
IMO, it depends on whether you have abilities to validate and/or correlate telemetries - these guys brings out quite a lot of telemetry alerts for you to work on...
Are you researching to buy or to resell?
SentinelOne has not been breached
SentinelOne is hands down my recommended solution.
SentinelOne has not been breached and offers upto $1,000,000 warranty if it cannot roll back a ransomware attack.
Please contact me at CyberSec@global.co.za for more information, a demonstration, or a quote.
Your reputation and your company's cyber security is in your hands - make an informed decision
They address slighty differing customer profiles, Crowdstrike has deep integrations to Okta, Sailpoint and others, where as SentinelOne has AI automation that outstrips the general use case associated to most threat detection elements.