We performed a comparison between D3 Security, ServiceNow Security Operations, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"The solution is stable."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"Reduces time to closure and closure metrics for vulnerabilities."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"The solution is available over the cloud and is easy to manage."
"The product has a very simple UI."
"My favorite feature is the application vulnerability scanner."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"They're highly stable in comparison with other solutions I have."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The solution does very well as a baseline EDR and provides good process-level management."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"The initial setup is difficult."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"The threat intelligence module needs a better dashboard."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"Training and education for both partner and customer, including product marketing need to be improved."
"The dashboard should be more user-friendly."
"Additionally, it is complex to use, and the pricing should be improved."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"One area for improvement is the maturity of its vulnerability features."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
More ServiceNow Security Operations Pricing and Cost Advice →