We performed a comparison between ServiceNow Security Operations and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product has a very simple UI."
"The ease of use is great."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"My favorite feature is the application vulnerability scanner."
"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"Reduces time to closure and closure metrics for vulnerabilities."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"The solution is extremely scalable."
"The most valuable feature of the solution stems from the support it provides."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs."
"Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total."
"VMware Carbon Black Endpoint is a highly stable solution."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"We can access computers remotely if we need to."
"It doesn't interact with things very well."
"The initial setup is difficult."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"The threat intelligence module needs a better dashboard."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"I would personally give the tech support a rating of seven out of ten."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"The solution needs better overall compatibility with other products."
"The initial setup is complex."
"In the next release, it would help if we can get better control over containers."
"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."
More ServiceNow Security Operations Pricing and Cost Advice →
ServiceNow Security Operations is ranked 4th in Security Incident Response with 14 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 61 reviews. ServiceNow Security Operations is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, Fortinet FortiSOAR and Swimlane, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trellix Endpoint Security. See our ServiceNow Security Operations vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.