We performed a comparison between Trellix Endpoint Detection and Response (EDR) and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The solution was relatively easy to deploy."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Trellix has a user-friendly interface."
"It is a stable solution. Stability-wise, I rate the solution a nine out of ten...I rate the solution's technical support team a nine and a half or ten out of ten."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"The product provides a one-click recovery of encrypted files."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"The product is user-friendly."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"It gives you all of the information in a short and sweet fashion."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"The tool is pretty stable."
"The triage feature that shows you the whole chain of the malware is useful."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"There's lots of very useful documentation online to help troubleshoot and learn about the product."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution is not stable."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The SIEM could be improved."
"Detections could be improved."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The graphical view for nodes must be increased."
"One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement."
"The CPU utilization of the product is quite high compared to its competitors."
"The console has a lot of bugs, and it creates many issues."
"Trellix does not support Linux and Mac."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"Performing a malware scan usually takes a lot of time, more than 24 hours."
"The solution needs better overall compatibility with other products."
"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"The endpoint machines need improvement."
"It is difficult to extract reports for ongoing scans"
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews while VMware Carbon Black Endpoint is ranked 12th in Endpoint Detection and Response (EDR) with 61 reviews. Trellix Endpoint Detection and Response (EDR) is rated 7.4, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, Microsoft Defender for Endpoint and Elastic Security, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Detection and Response (EDR) vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.