Carbon Black Cb Response Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Nicholas Carroll
Real User
Cyber Security Manager at a insurance company with 51-200 employees
Apr 05 2018

What is most valuable?

The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we… more»

How has it helped my organization?

The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could… more»

What needs improvement?

Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if… more»

What's my experience with pricing, setup cost, and licensing?

We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break… more»

If you previously used a different solution, which one did you use and why did you switch?

We did not have a similar, previous solution that we were replacing. This was part of an initial push we were trying to make at the time into better systems security.

What other advice do I have?

Explore all options in the space and see if you’re ready to really use an incident response platform such as this for threat hunting in your environment, or if you should… more»

Which other solutions did I evaluate?

There wasn’t much similar to Response that I was familiar with at the time. Though some other vendors are starting to include similar features now, Response was a leader… more»
Reseller
Cyber Defense Consulunt at a security firm
Jul 21 2019

What is most valuable?

The market information they gather from the community is really good. Their configuration capabilities are good.

What needs improvement?

One of the big issues we're facing is that their solution doesn't support multi-tenants. The second area for improvement is that they have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents. In our scenario, having a client work within the cloud is not an option, so we cannot extend the support for Carbon Black to provide the… more»

What other advice do I have?

I would recommend anyone to go ahead with Carbon Black if they are looking for an EDR solution. From my experience with selling, some people have a misunderstanding of what it is they are supposed to do. I would recommend going with it but be aware that you will be overwhelmed with the number of receipts which require somebody to begin to follow up and investigate each incident. This is not… more»
Find out what your peers are saying about Carbon Black CB Defense vs. Carbon Black Cb Response and other solutions. Updated: September 2019.
370,827 professionals have used our research since 2012.
Real User
Security Analyst at a financial services firm with 10,001+ employees
Mar 24 2019

What is most valuable?

The most valuable features are the threat-hunting and the batch console.

How has it helped my organization?

When a machine gets infected and the user is not in sight, you cannot go to the user and ask them to analyze their machine, what was in their system. With this solution, you can do so remotely. This… more»

What needs improvement?

They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides, although we can type commands from the native operating system.

If you previously used a different solution, which one did you use and why did you switch?

This system is the only one I have used.

What other advice do I have?

You need to analyze your organization's needs. If you just want to protect things, it's very useful. I rate the solution at eight out of ten because they need to improve the console. We would like it… more»

Which other solutions did I evaluate?

I was not part of the decision-making process. It was the engineers who decided.
Imad Taha
Real User
Group CIO at a construction company with 10,001+ employees
Jul 02 2019

What is most valuable?

The feature we have found most valuable in Carbon Black is the defense.

How has it helped my organization?

Carbon Black ensures the probability that any ransomware will be stopped before spreading. This is very important. The solution provides this for our business.

What needs improvement?

This product has room for improvement in the cloud console. The cloud console has a lot of bugs and issues in the analysis part. The additional features I would like to see included in the next release are IT access components. We need to… more»

If you previously used a different solution, which one did you use and why did you switch?

We switched because of the effectiveness of Carbon Black. The software has a feature that it does not remove a threat but it kills their effect. Then later, you can do the scan in the night or the next day. I don't want to make the killing… more»

What other advice do I have?

I recommend using Carbon Black, but get enough training before deploying. This is very important. On a scale from 1 to 10, I would rate this product an 8.5 overall.
Real User
Consulting IT Architect
May 21 2018

What is most valuable?

Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption. In incident… more»

How has it helped my organization?

Carbon Black Cb Response significantly reduced time to containment in the environment which enabled the isolation of incidents to single hosts or network segments.

What needs improvement?

The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.

What's my experience with pricing, setup cost, and licensing?

Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth.

What other advice do I have?

Ensure that you have sufficient resources to dedicate to maintaining and utilizing the product, including maintenance staff as well as incident responders and threat hunters. Be prepared to define metrics and use them to quantify the ROSI… more»
Snrsoftdev67
Reseller
Senior Software Developer Engineer at Diyar United Company
Aug 13 2019

What is most valuable?

The most valuable feature is its ability to seek out abnormal activity and to create alerts.

What needs improvement?

The first thing they can do is make it more available. It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another. The second thing is that they need to have a multi-tenancy feature, especially for the MSSP model. We wanted to have this… more»

What other advice do I have?

We are using both on-premises and cloud deployment models. I would rate the solution eight out of ten. Carbon Black is a very good product, but you still have to work on it from the perspective of MLA analyzing and installation. You have to fine-tune it to create a watch list and so on. These are the main things that they need to work on in order to improve the EDR services on their product.
Real User
Senior Information Security Specialist at a tech services company with 1,001-5,000 employees
Jul 12 2019

What is most valuable?

Integration and scalability are the most valuable. For example, if you chose a cloud solution, it's not very scalable, because it doesn't support any integration. But on the client side, you can combine materials, you can combine everything. You can add anything.

What needs improvement?

It's maybe it's too verbose. For a junior user or admin. You have to know some basic rules. It's not simple. For a junior engineer, it's confusing. It's hard to use Carbon Black Response. It will take time. It may take more than one year to understand the uses of the product. I'd like the ability to see all the kernel-side features also on the client side.

What other advice do I have?

I would rate this solution a nine out of ten.
Augusto Jose Garcia
Real User
SOC Analyst at a tech services company with 201-500 employees
Jul 01 2019

What do you think of Carbon Black Cb Response?

What is our primary use case?

I did some tests when they came out with the solution because my manager wants an assessment with Carbon Black. I tested the solution for two weeks. It was good. 

How has it helped my organization?

The tools are good. Carbon Black detects many threats, and problems for me.

What needs improvement?

The dashboard should be more user-friendly. The additional features I would like to see included in the next release are better analytics and report generation.

For how long have I used the solution?

I have been using Carbon Black less than one year.

What do I think about the stability of the solution?

They're highly stable in comparison with other solutions I have.

What do I think about the scalability of the solution?

The scalability, in my…
See 1 More Carbon Black Cb Response Reviews

Articles

User Assessments By Topic About Carbon Black Cb Response

Find out what your peers are saying about Carbon Black CB Defense vs. Carbon Black Cb Response and other solutions. Updated: September 2019.
370,827 professionals have used our research since 2012.

Carbon Black Cb Response Questions

What is Carbon Black Cb Response?

CB Response is an industry-leading incident response and threat hunting solution designed
for security operations center (SOC) teams. CB Response continuously records and stores
unfiltered endpoint data, so that security professionals can hunt threats in real time and
visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s
aggregated threat intelligence, which is applied to the endpoint activity system of record for
evidence and detection of these identified threats and patterns of behavior.

Carbon Black Cb Response customers

ALLETE

belk

Sign Up with Email