We performed a comparison between Cybereason Deep Respond [EOL], SECDO Platform, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."We have 20,000 endpoints in our organization. It's very critical to monitor each and every device with any of our solutions. By deploying Cybereason, it collects all the information from every computer and it will feed it to the AI engine and do a malware check. It's very clear cut and we save a lot of time. It detects the problem very quickly and we can prevent an issue before it occurs."
"The ease of deployment is a valuable feature."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The most valuable features are the threat-hunting and the batch console."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"The solution does very well as a baseline EDR and provides good process-level management."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"It's all on the analysis part. They currently support from email only. If we have a problem with Cybereason like high memory utilization, for example, we send an email to their team and they respond when they see it, but there is no on-call support. They don't offer the ability to call them."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"Maybe the notifications setting could use a simpler setting."
"The price should be reduced in order to be more competitive in the market."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The threat intelligence feed could use some fine tweaking."
"The solution's support could be improved."
"Training and education for both partner and customer, including product marketing need to be improved."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
Earn 20 points
Earn 20 points