We performed a comparison between D3 Security, SECDO Platform, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"It basically automates the entire alert investigation process."
"The ease of deployment is a valuable feature."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"They're highly stable in comparison with other solutions I have."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The detection response and quarantining are very good features."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"Integration and scalability are the most valuable."
"The solution does very well as a baseline EDR and provides good process-level management."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The price should be reduced in order to be more competitive in the market."
"Maybe the notifications setting could use a simpler setting."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"One area for improvement is the maturity of its vulnerability features."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The threat intelligence feed could use some fine tweaking."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"It's not simple."
"The cloud console has a lot of bugs and issues in the analysis part."
Earn 20 points