We performed a comparison between IBM Resilient, VMware Carbon Black Cloud, and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"The solution is simple to use and to integrate with IBM QRadar."
"As a whole, the product is stable...Technical support is very good."
"Its flexibility is the most valuable."
"IBM Resilient is scalable."
"This is a good solution that we recommend for customers."
"The solution is reliable in our usage."
"What I like most about IBM Resilient is that it has a complete stack, which means you don't need to use different OEM products because you have all you need under the IBM Resilient umbrella. You don't need to worry much about integrations and components because you're working with tested and proven architecture."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"The detection response and quarantining are very good features."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"Technical support is excellent."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"I like its reporting."
"It is a very complete platform."
"The new feature that we're deploying, the new offering from Carbon Black, is MDR, which stands for manage, detect, and response. It's the most valuable feature because Carbon Black will be continuously checking the logs, and they will be advising us on how to improve some of the policies as well as review the logs. If there are any nefarious agents or things happening on the end points, they will know."
"The threat analysis functionality is good."
"The most valuable feature of the solution stems from the support it provides."
"The product needs a bit more development."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"The integration could be improved so that it is easy to integrate with other solutions."
"The response time of the support is an area of concern where improvements are required."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"The initial setup is complex."
"There are shortcomings with IBM Resilient's technical support team that can be considered for improvement in the future."
"The cloud console has a lot of bugs and issues in the analysis part."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The solution's support could be improved."
"It's not simple."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"The tech support communicates, but it's just not with movement."
"The solution needs better overall compatibility with other products."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."
"The pricing could be more reasonable."
"There is room for improvement in the support and service team."
