We performed a comparison between Galvanize IncidentBond, SECDO Platform, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ease of deployment is a valuable feature."
"It basically automates the entire alert investigation process."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"The most valuable features are the threat-hunting and the batch console."
"Integration and scalability are the most valuable."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."
"Maybe the notifications setting could use a simpler setting."
"The price should be reduced in order to be more competitive in the market."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The cloud console has a lot of bugs and issues in the analysis part."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"The solution can only handle about 500 bans or blocks."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
Earn 20 points
Earn 20 points