We performed a comparison between D3 Security, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"It was useful as a ticketing tool."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"It is quite scalable. I would rate it a ten out of ten."
"It’s easy to install."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"The product is quite easy to use."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The solution is stable."
"The tool is pretty stable."
"I like its reporting."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The dashboard could be better."
"The tool’s multi-tenancy feature must be improved."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"The solution's technical support could be better."
"It is been decommissioned by Palo Alto."
"Its dashboard features need improvement."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"There should be an on-premise version available for customers to have different choices."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"The application control can be improved. It should also have an automatic update of the agents."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"The support is poor."
"I would like to see improvements made so that we can better see all of the processes."
"The product's reporting capabilities are an area of concern where improvements are required."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
