Carbon Black CB Defense Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Karthik Balakrishnan
Consultant
Senior Security Consultant at a manufacturing company with 10,001+ employees
Oct 21 2018

What is most valuable?

Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total, so it is out of like 65 vendors that are normally… more»

How has it helped my organization?

It has improved the number of alerts or the number of threat events that we are able to recognize in our environment. And it also highlights the usage of potentially… more»

What needs improvement?

It is still evolving, as we see. We started using the version 3.0. We've been migrating and upgrading as well, laterally, until version 3.2. So, we have been seeing a lot… more»

What's my experience with pricing, setup cost, and licensing?

I just told you the price point that's one of the factors, basically because that is what the higher management gave us as an input. But, we didn't play a major role in… more»

If you previously used a different solution, which one did you use and why did you switch?

We did a comparison of products and analyzed how many of them are getting detected on a weekly basis. We also did a trend chart for a monthly threat review. Which… more»

What other advice do I have?

In terms of the fixes from what the behavior was with the environment, it has been evolving. And the only thing that could be improved is enabling Carbon Black to be a… more»

Which other solutions did I evaluate?

We also had a review of FireEye HX as well, but we chose this in terms of the utility and also in terms of the cost involved. So that is the reason why we chose CB… more»
Darrick Kristich
Consultant
Founder/CEO at Sedara
Apr 25 2019

What is most valuable?

The biggest feature out of Carbon Black is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and… more»

What needs improvement?

Symantec needs more investigative features out-of-the-box. Though, they are using the Advanced Threat Protection add-on to correct some of this. It is also not quite as feature-rich as some of the more advanced MDR platforms out there… more»

What's my experience with pricing, setup cost, and licensing?

The licensing costs are comparable between the two products. If you're purchasing the product, they're both typically a traditional license model with an annual type fee or multiyear. The fees are the cost of the professional services to… more»

If you previously used a different solution, which one did you use and why did you switch?

Because of the limitations that Symantec provided, and the fact that we were seeing data that was extremely helpful from the Symantec logs, yet it didn't provide us a way to investigate it further or respond to it. This led us down a path… more»

What other advice do I have?

Symantec aligns with a more traditional antivirus that a lot of people are just more familiar with. It has traditional signature sets, exceptions, and policies. When you're talking medium sized implementations, where it's several hundred or… more»
Find out what your peers are saying about Carbon Black, Cylance, CrowdStrike and others in Endpoint Protection for Business. Updated: October 2019.
372,374 professionals have used our research since 2012.
Andre B.
Vendor
Executive Business Analyst & Advisor at a financial services firm with 10,001+ employees
Oct 23 2018

What is most valuable?

I think something that is the most valuable is the time-lining capability for any breach activity. It gives us the ability for us to actively threat hunt. This is not something where it's a passive response tool where we watch things… more»

How has it helped my organization?

We've integrated it with Splunk, with ThreatConnect, and a couple of others. It has a lot of modules for integration that has streamlined our ability to respond and decrease the amount of time for response, but also allowing us not to have… more»

What needs improvement?

In some areas one of the big issues for me is responsiveness to issues that arise with the solution. There are some components that leave a bit to be desired and/or that are bugs, or that even if it's a feature update request. These kinds… more»

What other advice do I have?

* Make ssure that your firewall ports open and really test communication back to their server. * Make sure you don't have anything else that may be impeding it. * If you are dealing with any PIA countries or GSA (also known as TAA)… more»

Which other solutions did I evaluate?

We also looked at Rsam and ESET. We've used a multitude. So yes, we have.
Imad Taha
Real User
Group CIO at a construction company with 10,001+ employees
Aug 20 2019

What is most valuable?

The deep analysis is the most valuable part of the solution. The number of false-positives is very, very low compared to other products using AI.

How has it helped my organization?

In terms of ransomware, that may try to rename or change a file, Carbon Black completely prevents these events from happening. A file name can only be changed by the user itself. The solution sets an… more»

What needs improvement?

The implementation of the solution should be improved. It takes too much time. However, once it's set up you really feel that there is a difference. The implementation itself is a little bit… more»

What's my experience with pricing, setup cost, and licensing?

The solution is a little bit costly. Compared to other traditional anti-viruses it's three times the cost, but if you have one incident it's is enough to see the ROI of the solution. The best price we… more»

If you previously used a different solution, which one did you use and why did you switch?

We previously used Kaspersky but we switched because when it comes to ransomware or suspicious activity all the traditional anti-viruses they cannot handle next-generation anti-viruses like CB does.

What other advice do I have?

We are using the public cloud deployment model of the solution. The provider is CB themselves. I would rate this solution 8.5 out of ten.
Brody Wright
Real User
System Analyst at a hospitality company with 1,001-5,000 employees
May 07 2018

What is most valuable?

* The software uses very few resources; it is almost invisible to the end user. * Behavioral Monitoring stops known malicious events before they even begin. * The whitelist: Being a Casino, we have some odd software packages. Being able to whitelist them is a must. * The option to quarantine a device and use the cloud-based portal to gain a “shell” on the infected machine. With this, we can dump… more»

How has it helped my organization?

During the company’s transition, we had a memory scraper infiltrate our network, and with the help of Carbon Black, we isolated the outbreak to a few point of sale machines.. We saw a step-by-step account of how the software was introduced into the environment, the host it originated from, and the destination address it was connecting too. Carbon Black stopped the spread in its tracks.

What needs improvement?

It works the way we want and how we want. For one improvement, an easier integration with an AlienVault USM appliance would be good. The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,
Real User
Sr. Security Analyst, Enterprise Architecture and Security at a tech services company with 5,001-10,000 employees
Jan 06 2019

What is most valuable?

Data analysis is the most valuable feature because of the whitelist database. It is different than standard IDS solutions.

How has it helped my organization?

It has improved our protection to have less false-positives. We have a greater ability to find malware notifications. It has improved between 30-35% more than prior to our use of the solution.

What needs improvement?

The UI interface needs improvement. The management needs further work in future versions.

What's my experience with pricing, setup cost, and licensing?

I am not really involved in the pricing of this product. From my understanding, the price is okay for us.

What other advice do I have?

I would advise Carbon Black to work on the automation and make it a bit easier for the solution.

Which other solutions did I evaluate?

We did consider other products but we chose this solution.
Leonardo Meneses
Real User
Incident Response Analyst at a security firm with 51-200 employees
Mar 18 2018

What is most valuable?

The go live, because it is possible to answer incidents while they are still occurring and minimize the effects.

How has it helped my organization?

Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks.

What needs improvement?

Needs improvement in the area of infrastructure for on-premise installation.

What's my experience with pricing, setup cost, and licensing?

The cost/benefit factor has great relevance in Cb Defense implementations.

If you previously used a different solution, which one did you use and why did you switch?

No previous solution was used.

What other advice do I have?

It is a product which will bring enough information and effectiveness in the detection and response to advanced threats.

Which other solutions did I evaluate?

We did not evaluate any other solution. We are partners of Carbon Black.
Jayandra Wickramasinghe
User
Senior Systems engineer at a tech services company
Apr 18 2018

What is most valuable?

Carbon Black Cb Defense has a nice component called Alert Triage. It has helped to detect threats across the data. It contains full details of the process execution "kill chain" and "go live" for… more»

How has it helped my organization?

Carbon Black Cb Defense improved our endpoint level security. It helped to identify endpoint and infrastructure loopholes.

What needs improvement?

It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine.

What's my experience with pricing, setup cost, and licensing?

The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price.

What other advice do I have?

I have done a few PoCs and implementations with Carbon Black Cb Defense.

Which other solutions did I evaluate?

We evaluated McAfee and Symantec.
See 1 More Carbon Black CB Defense Reviews

Articles

User Assessments By Topic About Carbon Black CB Defense

Find out what your peers are saying about Carbon Black, Cylance, CrowdStrike and others in Endpoint Protection for Business. Updated: October 2019.
372,374 professionals have used our research since 2012.

Carbon Black CB Defense Questions

What is Carbon Black CB Defense?

CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.

Also known as
Bit9, Confer
Carbon Black CB Defense customers

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Sign Up with Email