Most Helpful Review
Find out what your peers are saying about Carbon Black CB Defense vs. Carbon Black Cb Response and other solutions. Updated: May 2019.
345,622 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment.
The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions.
It actually does some heuristics, and some behavioral analysis.
The most valuable asset is the time-lining capability for any breach activity.
This product has the capability of uploading scripts to the tool and this is a very comprehensive feature.
Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total.
It gives you all of the information in a short and sweet fashion.
The software uses very few resources; it is almost invisible to the end user.
The most valuable features are the threat-hunting and the batch console.
Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption.
The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread.
The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems.
We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns.
For setup, the server can be given to you as a VM image and with minimal configuration needed.
We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts.
The ability to isolate an endpoint with only the host name and a click of a button is a major time saver.
Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform.
The UI interface needs improvement. The management needs further work in future versions.
The tech support communicates, but it's just not with movement.
I would personally give the tech support a rating of seven out of ten.
Adding an application and a device control feature would be a great help for this solution.
Report generation can be improved.
But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly.
The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,
They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides...
The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.
Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty.
The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now.
The threat intelligence feed could use some fine tweaking.
We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds.
Pricing and Cost Advice
Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price.
The cost/benefit factor has great relevance in Cb Defense implementations.
Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth.
We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag.
out of 18 in Security Incident Response
Average Words per Review
out of 18 in Security Incident Response
Average Words per Review
Compared 13% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 90% of the time.
Compared 4% of the time.
Compared 2% of the time.
Also Known As
|Carbon Black||Carbon Black|
CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.
|Cb Response is an industry-leading incident response and threat hunting solution designed for security operations center (SOC) teams. Cb Response continuously records and captures unfiltered endpoint data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the Cb Predictive Security Cloud's aggregated threat intelligence, continuously comparing intel to current and historical endpoint activity, exposing undetected threats.|
Learn more about Carbon Black CB Defense
Learn more about Carbon Black Cb Response
|Twitter, Trip Advisor, Subaru. Samsung, Nissan, Coca Cola, Adobe Sunoco|
Information Not Available
Financial Services Firm18%
Venture Capital & Private Equity Firm9%
Writing And Editing Position8%
No Data Available