Carbon Black CB Defense Competitors and Alternatives

Get our free report covering Carbon Black, Microsoft, CrowdStrike, and other competitors of Carbon Black CB Defense. Updated: October 2020.
442,194 professionals have used our research since 2012.

Read reviews of Carbon Black CB Defense competitors and alternatives

Mark Bonnamy
Real User
Technical Director at Ridgewall Ltd
Jul 22 2020

What is most valuable?

It has a number of valuable features. One of them is its ability to look across the estate. If somebody has been compromised, the question always is: How has it affected… more »

How has it helped my organization?

The fact that the solution offers cloud-delivered endpoint protection makes it simpler to use. Historically, Cisco's appliances have been relatively expensive and that has… more »

What needs improvement?

Some of the dashboards don't always populate with data. Most of them do, but some of them don't. Another issue for me, that would be the greatest value of all, would be to… more »

What's my experience with pricing, setup cost, and licensing?

We use the MSP model, so we're able to pay as we go. We report usage based on the actual usage, which is very handy. The old model of Cisco doing it was dated and archaic… more »

Which solution did I use previously and why did I switch?

We used Sophos in the past. We're replacing it, so when the renewals come up we replace Sophos with AMP, wherever possible.

What other advice do I have?

It's very simple to deploy, doesn't cause much in the way of management overhead, and does what it suggests. I would have no hesitation in recommending it. We obviously… more »

Which other solutions did I evaluate?

We looked at a number of different solutions: Carbon Black, Cylance, Sophos Intercept X and we liked the Cisco AMP solution over those products because it fit in neatly… more »
Real User
Sr. Information Security Manager at a computer software company with 1,001-5,000 employees
Oct 13 2020

What is most valuable?

I find all of the features to be valuable. It's a cool and very informative tool. The management console analyzes, stops, and prevents the spread of malware. You only need to work with the console… more »

How has it helped my organization?

Previously, we had some processes related to incident response which required more steps. We needed to upload to VirusTotal, Sandbox, et cetera. Now, this process is shortened because all of the… more »

What needs improvement?

In terms of improvement, they should work on agents' updates because that is not a strong part. It's not their strong point. It's not straightforward to upgrade agents. I send them questions about it… more »

What's my experience with pricing, setup cost, and licensing?

There are actually three versions of this product: the user version, professional, and professional plus. If analysts need to see something, like what the users are doing, what processes are running… more »

What other advice do I have?

We can see the difference between traditional antivirus and what we can do with SentinelOne. Even if the price is a little bit more, we can see what we can do with it. We can use EDR, stop network… more »

Which other solutions did I evaluate?

We have the option to choose different vendors. We briefly looked at other vendors. We looked at Carbon Black, Kaspersky, and ESET EDR. We evaluated them one year ago. These vendors are comparable to… more »
Reseller
Cyber Security Engineer at a tech services company with 11-50 employees
Mar 31 2020

What is most valuable?

The interface is not so bad. The dashboard actually is good. It is simple. But it is not able to produce simulated attacks.

What needs improvement?

I know of more than ten critical cases with clients which affect their use of the product adversely. We work with the Malwarebytes company a lot and have discussed the existing problems with the manager of Research and Development. He would not just say "You are right." But even though he knows that… more »

Which solution did I use previously and why did I switch?

We are currently looking for a new solution because I am not satisfied with the product or the effort of the vendor to meet the needs of users. I have gone through the trouble of making a table for competition analysis between various vendors to see how they compare and that includes several vendors… more »

What other advice do I have?

I have a lot of baggage with this product because of problems I have with the customers, the implementation, the configuration, the settings — it is very, very troublesome. There are various players on the course now. Some solutions may perform better. I have had a bad experience with Malwarebyte in… more »
Real User
Senior Manager at a financial services firm with 1,001-5,000 employees
Feb 19 2020

What is most valuable?

What we mainly find valuable in the product is exactly what our use case is. We use Carbon Black for the intrusion alerts and quarantine. Those would be our favorite features.

What needs improvement?

If Carbon Black could improve in the area or reducing the number of false positives or if there was a better way to filter out false positives that would enhance efficiency and utility. But in general, I think we are happy with the performance of Carbon Black. It would be nice to be able to… more »

Which solution did I use previously and why did I switch?

Security-wise, we are using a few different security tools for different purposes. We use Red Cloak which we deployed at the same time as Carbon Black. We tested and are using Trend Micro Tripwire and we are using Imperva as well. Red Cloak is very similar to Carbon Black.

What other advice do I have?

I do not think I have a lot of advice for people who are considering implementing the product at this point because most of our experience with the product has been relatively straightforward. I would just suggest that you have your white list set up before deploying if you are using automatic… more »
Real User
Senior Cyber Security Analyst with 1,001-5,000 employees
Oct 01 2020

What is most valuable?

The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed. It shows you the malicious files in question, as well as the exact time, the… more »

How has it helped my organization?

Every week, a manager would look at a detailed report to see what kind of CrowdStrike incidents we had.

What needs improvement?

Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do. It is quite a pricey product.

What's my experience with pricing, setup cost, and licensing?

Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business. It is not a one-time payment. Any upgrades that you want to do, you're going to have to… more »

Which solution did I use previously and why did I switch?

CrowdStrike was already in place before I arrived, at both places where I have used it. We were also using Carbon Black, as well as other tools, but they were not being used to the same degree. I… more »

What other advice do I have?

My advice for anybody who is implementing CrowdStrike Falcon is to get in touch with the vendor and then follow best practices. They have a lot of documentation and everything is there. For the most… more »
Get our free report covering Carbon Black, Microsoft, CrowdStrike, and other competitors of Carbon Black CB Defense. Updated: October 2020.
442,194 professionals have used our research since 2012.