We compared Microsoft Defender for Endpoint and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: The reviews suggest that Microsoft Defender for Endpoint is commended for its simple installation process, seamless integration with Windows, and effective detection and correlation of threats. However, it may suffer from a lack of clarity in its licensing model and limitations in its user interface, security features, and customization options. On the other hand, VMware Carbon Black Endpoint may present a more challenging initial setup and higher pricing. Nevertheless, it offers advanced functionalities, robust protection against attacks, extensive integration possibilities, and a highly acclaimed EDR capability. It is noted that improvements are needed in terms of management, graphical user interface, compatibility, and technical support. Overall, both products possess their individual strengths and weaknesses.
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"This is stable and scalable."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Ability to get forensics details and also memory exfiltration."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"In my opinion, the most valuable aspects are the reporting analytics and integration with Sentinel. Defender does an excellent job of correlating the different entities that comprise threat analysis, analytics data, and log analytics. It helps to piece together investigations into any exploit or malicious activity within a specific tenant. AI and analytics tools are probably the most valuable components."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"The performance of Microsoft Defender for Endpoint has been a valuable feature."
"I like the fact that it has the ransomware solution in there. I'm glad that the ransomware solution is built into it. That's probably the biggest thing that I see in Microsoft Defender."
"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."
"The antivirus features are very useful."
"I like that Defender is integrated and doesn't have a third-party payload trying to advertise subscription renewal."
"It's very easy to scale because it comes built-in with Windows 10, and you just need to enable it. This can be done on scale using group policies or through Endpoint Manager on cloud or Intune."
"We can access computers remotely if we need to."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"The tool is pretty stable."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"It is stable and easy to set up."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"The initial setup is very easy."
"The most valuable feature of the solution stems from the support it provides."
"The solution is not stable."
"The dashboard isn't easy to access and manage."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"ZTNA can improve latency."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution should address emerging threats like SQL injection."
"Cannot be used on mobile devices with a secure connection."
"It is inexpensive but could be cheaper like anything else."
"The solution could improve by providing more integration."
"The time it takes to implement policies has room for improvement."
"The dashboard customization could be improved."
"The central management console should be improved because it provides limited options to configure Windows Defender."
"Microsoft Defender for Endpoint could improve by making the reporting better."
"Some of the integrations that Defender should include involve the use of the web app."
"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"The application control can be improved. It should also have an automatic update of the agents."
"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."
"The product's reporting capabilities are an area of concern where improvements are required."
"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."
"It would be nice to have additional forensic tools that you can build into the back end."
"It is difficult to extract reports for ongoing scans"
"This solution could have greater granular control on how certain applications work."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in EPP (Endpoint Protection for Business) with 78 reviews while VMware Carbon Black Endpoint is ranked 13th in EPP (Endpoint Protection for Business) with 23 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Advanced threat detection but compatibility issues with some operating systems". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon and SentinelOne Singularity Complete, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Tanium. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.