We performed a comparison between Trend Vision One and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Impressive detection capabilities"
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The price is low and quite competitive with others."
"I get alerts when scripts are detected in the environment."
"The setup is pretty simple."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"We are very impressed with the single pane of glass visibility that Trend Micro XDR provides."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"What I like the most about Trend Micro XDR is that the detection and response domain extends to the network. It goes beyond the endpoint and includes data about the network which lets you pinpoint patient zero as well as the root cause of the attack."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"XDR provided a much more deep view into what is actually happening."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"It significantly speeds up incident response times by alerting analysts immediately upon detecting potential issues."
"I like the historical features, interface, and integration."
"Carbon Black Cb Defense has a nice component called Alert Triage. It contains full details of the process execution "kill chain" and "go live" for immediate remediation."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"I like its reporting."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"Technical support is excellent."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The only minor concern is occasional interference with desired programs."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Intelligence aspects need improvement"
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The SIEM could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"It would be ideal if they could improve the control of connectivity between sensors."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"Trend Micro doesn't have the next-generation firewall."
"In new versions I would like to see better implementation of the reporting features, especially in regards to EDR visibility."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
"The centralized dashboard has room for improvement."
"Results were delayed."
"Carbon Black has limited capability to integrate with Rapid7."
"The EDR portion could be better. I'm not a big fan, but it works."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"It is difficult to extract reports for ongoing scans"
"The application control can be improved. It should also have an automatic update of the agents."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"In the next release, it would help if we can get better control over containers."
Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews while VMware Carbon Black Endpoint is ranked 14th in Endpoint Detection and Response (EDR) with 63 reviews. Trend Vision One is rated 8.6, while VMware Carbon Black Endpoint is rated 7.8. The top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, Microsoft Defender XDR, SentinelOne Singularity Complete and Wazuh, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and Cisco Secure Endpoint. See our Trend Vision One vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.