We performed a comparison between Galvanize IncidentBond, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."
"They have a portal where you can find any kind of integration that you need."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"The automation is excellent."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"It was useful as a ticketing tool."
"The product is quite easy to use."
"It is a scalable solution...The initial setup was straightforward."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"The most valuable feature is that it detects and stops malicious executables."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"The initial setup was fairly easy."
"The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation."
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."
"The price of the solution could be improved."
"The solution is very expensive."
"There should be an on-premise version available for customers to have different choices."
"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"The dashboard performance could be improved."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"The configuration of the solution could improve it is difficult."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"I would personally give the tech support a rating of seven out of ten."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"The endpoint machines need improvement."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"Sensor deployment requires extensive fine-tuning, and creating deployment packages is time-consuming."
"The initial setup is complex."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points