We performed a comparison between D3 Security, ServiceNow Security Operations, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"The solution is available over the cloud and is easy to manage."
"It's stable."
"The ease of use is great."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"Reduces time to closure and closure metrics for vulnerabilities."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"They're highly stable in comparison with other solutions I have."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"The detection response and quarantining are very good features."
"Integration and scalability are the most valuable."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The most valuable features are the threat-hunting and the batch console."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The threat intelligence module needs a better dashboard."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
"It doesn't interact with things very well."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"Additionally, it is complex to use, and the pricing should be improved."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"Training and education for both partner and customer, including product marketing need to be improved."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"The threat intelligence feed could use some fine tweaking."
"The solution can only handle about 500 bans or blocks."
More ServiceNow Security Operations Pricing and Cost Advice →