We performed a comparison between Elastic Security and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It is stable and scalable."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet is very user-friendly for customers."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Ability to get forensics details and also memory exfiltration."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"Elastic Security is very easy to adapt."
"The most valuable feature is the ability to collect authentication information from service providers."
"The intelligence of the system has been very impressive. It's not quite AI, but the technical bit where it correlates information, based on the seen attacks within an organization is good."
"The most valuable feature for me is Discover."
"The product allows us to focus on endpoint and antivirus protection."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"It uses machine learning and behavioral analytics for advanced threat detection and response."
"VMware Carbon Black Endpoint is a highly stable solution."
"The triage feature that shows you the whole chain of the malware is useful."
"CB Defense is more powerful, and you can take more actions than others. Its security features and signatures are constantly updated, so it is more effective than other security solutions."
"I feel that the initial setup was straightforward and not complex."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The support needs improvement."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Better integration with third-party APMs would be really good."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"We'd like better premium support."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"It would be nice to have additional forensic tools that you can build into the back end."
"Integration is difficult, but CB Defense is more powerful than others. It is difficult to implement but easy to pick up many detections."
"CB Defense could be more compatible with Linux, and its cloud provision could be improved."
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out."
"The EDR portion could be better. I'm not a big fan, but it works."
"This solution could have greater granular control on how certain applications work."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while VMware Carbon Black Endpoint is ranked 12th in Endpoint Detection and Response (EDR) with 61 reviews. Elastic Security is rated 7.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security and SentinelOne Singularity Complete. See our Elastic Security vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.