CrowdStrike Falcon vs VMware Carbon Black Endpoint comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jan 29, 2024

We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:

  • Ease of Deployment: The setup process for CrowdStrike can be time-consuming, ranging from a few hours to several months. Users find it easy to deploy with minimal maintenance. The setup for Carbon Black can be difficult for those unfamiliar with Carbon Black. Some users encountered problems with unsupported operating systems. Nevertheless, most users discovered the installation process to be smooth and effective.
  • Features: CrowdStrike stands out for its advanced threat detection and proactive threat updates, as well as its ability to seamlessly integrate with various tools for enhanced protection. Carbon Black excels in continuous log monitoring, preventing zero-day threats, and seamlessly integrating with other software to emulate threats and set up automatic rules. Both solutions offer comprehensive protection and integration capabilities, but each has its own unique features that make them highly valuable in different ways.
  • Room for Improvement: Based on the reviews, CrowdStrike can enhance its setup process, incorporate ransomware protection, improve logs, reduce costs, enhance policy definition, increase integrations, and enhance malware analysis. Meanwhile, VMware Carbon Black Endpoint has room for improvement in node management, GUI, Check Point integration, compatibility with operating systems, technical support response time, cloud computing and Kubernetes support, and network detection functionality.
  • Pricing and ROI: Some users find the setup cost of CrowdStrike to be competitive, while others feel it should be more accessible. Meanwhile, Carbon Black is generally considered expensive, although some users find it to be less expensive compared to other vendors. While some users of CrowdStrike report a return on investment, others do not. They highlight cost savings, reduced manpower, and time savings in threat detection. On the other hand, Carbon Black receives positive reviews for its ROI, with successful prevention of malware attacks being mentioned. Users perceive it as offering effective environment protection and providing a good return on investment. 
  • Service and Support: Customers have had different experiences with CrowdStrike Falcon's customer service, with some finding it excellent while others think it needs improvement. There are mixed opinions on the support team's knowledge and responsiveness, as some encounter difficulties with time differences or slow response times. Similarly, Carbon Black Endpoint's customer service also receives mixed reviews. Some users rate it highly for its quick response and good interaction, while others feel that it has room for improvement.

Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.

To learn more, read our detailed CrowdStrike Falcon vs. VMware Carbon Black Endpoint Report (Updated: March 2024).
763,955 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"This is stable and scalable.""Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great.""The most valuable feature is the analysis, because of the beta structure.""Exceptions are easy to create and the interface is easy to follow with a nice appearance.""Ability to get forensics details and also memory exfiltration.""The console is easy to read. I also like the scanning part and the ability to move assets from one to the other.""Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution.""It is stable and scalable."

More Fortinet FortiEDR Pros →

"I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution.""Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution.""It is an easy product to deploy.""The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it.""The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence.""All the features are beneficial.""Scalability is good. We have had no issues with it.""At this point what is most valuable is the interface, which is easy to navigate."

More CrowdStrike Falcon Pros →

"Carbon Black has very good market strategies.""What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process.""Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts.""The tool is pretty stable.""Behavioral Monitoring stops known malicious events before they even begin.""The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great.""The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions.""VMware Carbon Black Endpoint is a highly stable solution."

More VMware Carbon Black Endpoint Pros →

Cons
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR.""FortiEDR can be improved by providing more detailed reporting.""To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced.""It takes about two business days for initial support, which is too slow in urgent situations.""I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components.""We'd like to see more one-to-one product presentations for the distribution channels.""The only minor concern is occasional interference with desired programs.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."

More Fortinet FortiEDR Cons →

"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time.""CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it.""The management of log aggregation is in need of improvement.""It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful.""They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution.""This solution is relatively expensive.""I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.""Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."

More CrowdStrike Falcon Cons →

"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence.""I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others.""There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved.""In the next release, it would help if we can get better control over containers.""With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue.""When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing.""The device control feature could also be compatible with the user’s profile as well.""The GUI and reporting should be addressed and the product's administration features need fine tuning."

More VMware Carbon Black Endpoint Cons →

Pricing and Cost Advice
  • "I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service."
  • "There are no issues with the pricing."
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."
  • More Fortinet FortiEDR Pricing and Cost Advice →

  • "The pricing will depend upon your volume of usage."
  • "I would like them to further reduce the price, because it is quite pricey at the moment."
  • "Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace."
  • "I do not have experience with the cost or licensing of the product."
  • "The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end users PC and we can tell if it's something that we actually need or something that's malicious."
  • "We are at about $60,000 per year."
  • "This solution has a very competitive price."
  • "Our company pays approximately US$ 65,000 annually for 900 machines."
  • More CrowdStrike Falcon Pricing and Cost Advice →

  • "​The cost/benefit factor has great relevance in Cb Defense implementations​."
  • "The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price."
  • "I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."
  • "Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
  • "We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
  • "The pricing [is] more or less the same as other similar solutions."
  • "It's reasonable in price"
  • "The price for the solution is completely at government level, meaning one which is very high."
  • More VMware Carbon Black Endpoint Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    Top Answer:The product's initial setup phase is very easy.
    Top Answer:Fortinet FortiEDR is available at a very competitive price compared to the other products in the market. Customers also… more »
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Top Answer:I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR)… more »
    Top Answer:Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint… more »
    Top Answer:The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market.
    Comparisons
    Also Known As
    enSilo, FortiEDR
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Carbon Black CB Defense, Bit9, Confer
    Learn More
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    CrowdStrike Falcon is a comprehensive endpoint protection platform, primarily designed to meet the evolving cybersecurity needs of modern enterprises. It employs machine learning, behavioral analytics, and integrated threat intelligence to combat a wide range of cyber threats. CrowdStrike Falcon stands out for its cloud-native architecture, ensuring real-time protection and threat intelligence, essential for safeguarding dynamic environments. Its lightweight agent architecture minimizes system performance impact while offering extensive network visibility.

    CrowdStrike Falcon offers robust, user-friendly cybersecurity measures that are crucial for protecting digital assets and minimizing the risk of data breaches and cyberattacks. Its proactive threat detection and mitigation help maintain business continuity and protect brand reputation. Additionally, its scalability and ease of use contribute to cost-effectiveness by reducing the need for extensive IT resources and training. The platform's seamless integration with existing IT infrastructures makes it a versatile choice for diverse IT environments.

    During our conversations with CrowdStrike's users, they highly regard CrowdStrike Falcon for its efficiency in detecting and responding to threats, ease of use, and minimal system impact. It's praised for its comprehensive coverage, extending beyond traditional antivirus solutions, with strong customer support and continuous improvements.

    General Feedback and Recommendations:

    • Strengths: Its lightweight agent, stability, scalability, positive technical support experience, and improvements over competitors are notable strengths.
    • Weaknesses: The extraction process did not effectively capture the weaknesses, indicating a need for more precise data analysis.
    • Implementation and Usage: Insights include scalability and stability, particularly in cloud solutions, and ease of implementation without external assistance.

    Key Features and Advantages:

    1. Advanced Threat Detection and Response - utilizes sophisticated algorithms and machine learning to identify and neutralize preemptively, crucial for mitigating risks from advanced persistent threats (APTs) and zero-day exploits.
    2. Comprehensive Visibility and Insight - provides deep endpoint activity visibility, enabling IT teams to detect anomalies and respond to incidents effectively.
    3. Cloud-Native Architecture - offers scalability and flexibility, adapting to changing business needs, beneficial for organizations scaling operations or transitioning to cloud infrastructures.
    4. Integrated Threat Intelligence - backed by CrowdStrike's threat intelligence database, the platform stays ahead of attackers with continuously updated information on emerging threats.
    5. Ease of Deployment and Management - Its lightweight agent and cloud-based management console simplify deployment and management, which is practical for businesses of all sizes.
    6. Compliance and Risk Management - aids in meeting compliance requirements with thorough reporting and audit trails, essential for regulatory scrutiny.
    7. User and Entity Behavior Analytics (UEBA) - Analyzing user behavior patterns enhances detection capabilities against insider threats and compromised accounts.

    CrowdStrike Falcon offers various pricing plans based on endpoints and required features. The plans cater to different organizational sizes and needs, from basic endpoint protection to comprehensive protection with advanced capabilities. Additional features like DLP, UBA, Endpoint Sandboxing, and MDR are available, with pricing upon request.

    CrowdStrike Falcon emerges as a sophisticated solution for enterprise cybersecurity, offering advanced threat detection, scalability, and user-friendly design. It's well-suited for both IT professionals and business executives, protecting against current cyber threats and adaptable to future challenges in the cybersecurity landscape. For a more detailed understanding, especially concerning its use cases and weaknesses, a manual review of user feedback might be necessary.

    VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.

    Modernize Your Endpoint Protection

    Legacy approaches to prevention leave organizations exposed. Get an endpoint platform that helps you strengthen and unify security tools to see more and stop more.

    Simplify Your Security Stack

    By simplifying endpoint security capabilities with one endpoint agent and console, you can minimize downtime, respond to incidents and return critical CPU cycles back to the business.

    Operate with Confidence

    Modern environments are increasingly complex. VMware Carbon Black is a single source of truth that provides an intuitive understanding of your environment, enabling confident decisions.

    Offer
    Learn more about Fortinet FortiEDR
    Get Fast and Easy Protection Against All Threats

    Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.

    Learn more about VMware Carbon Black Endpoint
    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Information Not Available
    Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
    Top Industries
    REVIEWERS
    Financial Services Firm21%
    Comms Service Provider11%
    Manufacturing Company11%
    Educational Organization5%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government8%
    Manufacturing Company8%
    Financial Services Firm8%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm16%
    Comms Service Provider8%
    Energy/Utilities Company8%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm10%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Manufacturing Company20%
    Computer Software Company18%
    Construction Company9%
    Financial Services Firm9%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise16%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business33%
    Midsize Enterprise24%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    REVIEWERS
    Small Business42%
    Midsize Enterprise15%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise19%
    Large Enterprise55%
    Buyer's Guide
    CrowdStrike Falcon vs. VMware Carbon Black Endpoint
    March 2024
    Find out what your peers are saying about CrowdStrike Falcon vs. VMware Carbon Black Endpoint and other solutions. Updated: March 2024.
    763,955 professionals have used our research since 2012.

    CrowdStrike Falcon is ranked 3rd in EPP (Endpoint Protection for Business) with 52 reviews while VMware Carbon Black Endpoint is ranked 13th in EPP (Endpoint Protection for Business) with 23 reviews. CrowdStrike Falcon is rated 8.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Advanced threat detection but compatibility issues with some operating systems". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Tanium. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.

    See our list of best EPP (Endpoint Protection for Business) vendors, best EDR (Endpoint Detection and Response) vendors, and best Ransomware Protection vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.