Mark BonnamyTechnical Director at Ridgewall Ltd
Anonymous UserSenior Infrastructure and Security Engineer at a manufacturing company
John-MainaNavision Consultant and user support at NCPD
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its most valuable features are its scalability and advanced threat protection for customers."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"The most valuable features of this solution are the IPS and the integration with ISE."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"I am really satisfied with the technical support."
"It is a very stable program."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"The most valuable feature is that it detects and stops malicious executables."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"The triage feature that shows you the whole chain of the malware is useful."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"It has intelligent learning behind it and we have been very successful in preventing attacks."
"I like the historical features, interface, and integration."
"Ensures that I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained."
"It's free. There is no additional cost. It's part of Windows."
"Within its class I think, it has a high and decent detection rate."
"It's really stable. I've used a lot of stuff, a lot of products, like ESET and Kaspersky. None of them are comparable with this one. This one is much better."
"This is a very go, proactive solution to threat protection using advanced analysis."
"I like the real-time protection features. Windows Defender will detect if there's a threat like a Trojan or something like that but Kaspersky lets it run normally."
"Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage."
"The most valuable features are that it's easy to use and the updates are very simple."
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"The solution needs more in-depth analytics."
"In the next version of this solution, I would like to see the addition of local authentication."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"The reporting and analytics areas of the solution need to be improved."
"I would like more seamless integration."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"The endpoint machines need improvement."
"This solution works well but needs lots of tuning and optimization."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"The EDR portion could be better. I'm not a big fan, but it works."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"The feature set for the firewall needs improvement."
"It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities."
"Microsoft Windows Defender doesn't have a game mode."
"There's a lot of manual effort involved to configure what we need."
"The end-user also cannot do some advanced actions on it. It's a little bit complicated for our end-user, so it needs to be simplified."
"Updates are not coming out of preview quickly enough and it is holding back on the development of the product."
"The system can always be simplified and have a better integration check. More detailed reports would be good. When it does the integrated check, it just shows if the system is okay but I want to know what happened."
"The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices."
"I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number."
"The costs of 50 licenses of AMP for three years is around $9,360."
"The price is very good."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"In our case, it is a straightforward annual payment through our Enterprise Agreement."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
"The pricing [is] more or less the same as other similar solutions."
"It's reasonable in price"
"The product is free of charge and comes integrated into Windows."
"The solution is free."
"This product is included in the pricing for Windows."
"It is affordable and comes in the Office 365 bundle."
"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
"This solution is part of Windows and comes included with it."
"I got it with the Microsoft Windows license."
"The solution is an open source version and was free with a paid version of Windows 10."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.
Carbon Black CB Defense is ranked 4th in Endpoint Protection (EPP) for Business with 16 reviews while Microsoft Defender Antivirus is ranked 1st in Anti-Malware Tools with 25 reviews. Carbon Black CB Defense is rated 8.0, while Microsoft Defender Antivirus is rated 8.0. The top reviewer of Carbon Black CB Defense writes "Symantec opened our eyes to be able to see what's out there, but then we needed Carbon Black to be able to actively fix it". On the other hand, the top reviewer of Microsoft Defender Antivirus writes "A security implementation that supplies proactive issue resolution with cloud analytics and APT". Carbon Black CB Defense is most compared with Carbon Black CB Response, CrowdStrike Falcon, SentinelOne, Trend Micro Deep Security and Sophos Intercept X, whereas Microsoft Defender Antivirus is most compared with Symantec End-User Endpoint Security, CrowdStrike Falcon, ESET Endpoint Security, Cortex XDR by Palo Alto Networks and CylancePROTECT. See our Carbon Black CB Defense vs. Microsoft Defender Antivirus report.
See our list of .
We monitor all Endpoint Protection (EPP) for Business reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.