Carbon Black CB Defense Reviews

Carbon Black CB Defense is the #1 ranked solution of our top Security Incident Response tools. It's rated 4.2 out of 5 stars, and is most commonly compared to Carbon Black Cb Response - Carbon Black CB Defense vs Carbon Black Cb Response

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Karthik Balakrishnan
Consultant
Senior Security Consultant at a manufacturing company with 10,001+ employees
Oct 21 2018

What is most valuable?

Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total, so it is out of like 65 vendors that are normally… more »

How has it helped my organization?

It has improved the number of alerts or the number of threat events that we are able to recognize in our environment. And it also highlights the usage of potentially… more »

What needs improvement?

It is still evolving, as we see. We started using the version 3.0. We've been migrating and upgrading as well, laterally, until version 3.2. So, we have been seeing a lot… more »

What's my experience with pricing, setup cost, and licensing?

I just told you the price point that's one of the factors, basically because that is what the higher management gave us as an input. But, we didn't play a major role in… more »

Which solution did I use previously and why did I switch?

We did a comparison of products and analyzed how many of them are getting detected on a weekly basis. We also did a trend chart for a monthly threat review. Which… more »

What other advice do I have?

In terms of the fixes from what the behavior was with the environment, it has been evolving. And the only thing that could be improved is enabling Carbon Black to be a… more »

Which other solutions did I evaluate?

We also had a review of FireEye HX as well, but we chose this in terms of the utility and also in terms of the cost involved. So that is the reason why we chose CB… more »
Darrick Kristich
Consultant
Founder/CEO at Sedara
Apr 25 2019

What is most valuable?

The biggest feature out of Carbon Black is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and… more »

What needs improvement?

Symantec needs more investigative features out-of-the-box. Though, they are using the Advanced Threat Protection add-on to correct some of this. It is also not quite as feature-rich as some of the more advanced MDR platforms out there… more »

What's my experience with pricing, setup cost, and licensing?

The licensing costs are comparable between the two products. If you're purchasing the product, they're both typically a traditional license model with an annual type fee or multiyear. The fees are the cost of the professional services to… more »

Which solution did I use previously and why did I switch?

Because of the limitations that Symantec provided, and the fact that we were seeing data that was extremely helpful from the Symantec logs, yet it didn't provide us a way to investigate it further or respond to it. This led us down a path… more »

What other advice do I have?

Symantec aligns with a more traditional antivirus that a lot of people are just more familiar with. It has traditional signature sets, exceptions, and policies. When you're talking medium sized implementations, where it's several hundred or… more »
Learn what your peers think about Carbon Black CB Defense. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,441 professionals have used our research since 2012.
Imad Taha
Real User
Group CIO at a construction company with 10,001+ employees
Apr 16 2020

What is most valuable?

Carbon Black works completely differently from other products. We tested different products and Carbon Black was selected because it does not remove a virus but it kills any suspect operations and it's up to the admin to check the scenario… more »

What needs improvement?

As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less… more »

What's my experience with pricing, setup cost, and licensing?

We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me. We do have some big companies within our group. But if I have a small office with 20 users and all my licenses are in… more »

What other advice do I have?

My advice is to get enough information about the differences in Carbon Black products from day one. In other words, if Carbon Black is claiming that Carbon Black CB Defense is enough, why are they always promoting the more expensive… more »

Which other solutions did I evaluate?

To compare apples to apples, before going for Carbon Black I was thinking about CrowdStrike. CrowdStrike has a lot of very beautiful features that Carbon Black does not have, like IT asset management. But I am not buying this type of… more »
Dhrubo Roy
Real User
Threat and Vulnerability Engineer at Horizon Blue Cross Blue Shield of New Jersey
Jul 28 2020

What is most valuable?

What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process. Coming from McAfee… more »

What needs improvement?

The EDR portion could be better. I'm not a big fan, but it works. The End Point Detection Response and the way it lays our processes with our endpoint and its detection engine, in the way that it detects the admin or alerts we based on a… more »

What's my experience with pricing, setup cost, and licensing?

I think it's 28 per employee a year.

What other advice do I have?

The implementation is very easy but the security aspects could be better. If you don't have a SIEM solution in your organization, you're probably engaging via email.But there's no way to point me to customize the email templates if I want… more »

Which other solutions did I evaluate?

We also looked at CrowdStrike but it was a little too expensive.
Andre B.
Vendor
Executive Business Analyst & Advisor at a financial services firm with 10,001+ employees
Oct 23 2018

What is most valuable?

I think something that is the most valuable is the time-lining capability for any breach activity. It gives us the ability for us to actively threat hunt. This is not something where it's a passive response tool where we watch things… more »

How has it helped my organization?

We've integrated it with Splunk, with ThreatConnect, and a couple of others. It has a lot of modules for integration that has streamlined our ability to respond and decrease the amount of time for response, but also allowing us not to have… more »

What needs improvement?

In some areas one of the big issues for me is responsiveness to issues that arise with the solution. There are some components that leave a bit to be desired and/or that are bugs, or that even if it's a feature update request. These kinds… more »

What other advice do I have?

* Make ssure that your firewall ports open and really test communication back to their server. * Make sure you don't have anything else that may be impeding it. * If you are dealing with any PIA countries or GSA (also known as TAA)… more »

Which other solutions did I evaluate?

We also looked at Rsam and ESET. We've used a multitude. So yes, we have.
Reseller
Assistant Technical Manager at a tech services company with 11-50 employees
Apr 29 2020

What is most valuable?

* The triage feature that shows you the whole kill chain of the attack/malware is useful. It shows how the malware get into the endpoints and show what it has been done * The solution is easy to use and easy to deploy as it is cloud solution, no appliance is needed to deploy on premise

What needs improvement?

When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing. If they could focus on the alert and the event that the user… more »

What's my experience with pricing, setup cost, and licensing?

Although I'm more on the technical side and not involved in the pricing, it's more or less the same as other similar solutions.

What other advice do I have?

I would recommend this product to other people.
Real User
Sr. Security Analyst, Enterprise Architecture and Security at a tech services company with 5,001-10,000 employees
Jan 06 2019

What is most valuable?

Data analysis is the most valuable feature because of the whitelist database. It is different than standard IDS solutions.

How has it helped my organization?

It has improved our protection to have less false-positives. We have a greater ability to find malware notifications. It has improved between 30-35% more than prior to our use of the solution.

What needs improvement?

The UI interface needs improvement. The management needs further work in future versions.

What's my experience with pricing, setup cost, and licensing?

I am not really involved in the pricing of this product. From my understanding, the price is okay for us.

What other advice do I have?

I would advise Carbon Black to work on the automation and make it a bit easier for the solution.

Which other solutions did I evaluate?

We did consider other products but we chose this solution.
RajaeAl Najjar
Real User
Solutions Manager at Samir Group
Sep 29 2019

What is most valuable?

The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great.

What needs improvement?

The endpoint machines need improvement. The solution needs to be more effective for the end-user. It would be helpful to understand how to do some queries, but we’re still testing the solution right now, so everything is very new and we’re still learning the system.

What other advice do I have?

We did a POC with the solution. We’re still in the process of testing it, so we’re still learning the system. I would rate the solution eight out of ten.
See 1 More Carbon Black CB Defense Reviews

What is Carbon Black CB Defense?

CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.

Also known as
Bit9, Confer
Carbon Black CB Defense customers

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Read Archived Reviews