Most Helpful Review
Find out what your peers are saying about Carbon Black CB Defense vs. Symantec Endpoint Protection (EPP) and other solutions. Updated: June 2019.
345,805 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment.
The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions.
It actually does some heuristics, and some behavioral analysis.
The most valuable asset is the time-lining capability for any breach activity.
This product has the capability of uploading scripts to the tool and this is a very comprehensive feature.
Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total.
It gives you all of the information in a short and sweet fashion.
The software uses very few resources; it is almost invisible to the end user.
The most valuable feature is the virus and malware detection capability.
This solution has helped us because it is really useful for blocking all kinds of viruses.
Threat protection has always worked well.
Endpoint protection has improved our operations by protecting our servers from potential cyber threats.
Endpoint Protection is the next generation. It covers antivirus, spamware, ransomware...
The fact that it has centralized management is the most valuable feature.
The technical support is very good. They have an Indian support team, so there are no delays in receiving support.
Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud.
Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform.
The UI interface needs improvement. The management needs further work in future versions.
The tech support communicates, but it's just not with movement.
I would personally give the tech support a rating of seven out of ten.
Adding an application and a device control feature would be a great help for this solution.
Report generation can be improved.
But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly.
The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,
This solution needs better compatibility with services and applications.
Sometimes, when we are creating a new policy, some of the clients are not being updated with the latest policy.
This latest version has proven unreliable for management and installation.
We must have complete dissolution with advance care protection but we are finding out that we need more Symantec technical specialists. We have identified a need to hire at least one more technical specialist familiar with Symantec to improve our solutions capabilities.
Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device... They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used.
About four years back, Symantec's signature was very heavy and their signature patch was around 200MB or 300MB files.
There are a few negative points. They should separate the feature for each separate solution for mobile devices. The second one is about the price, it's expensive. Finally, the third would be the complexity of implementation.
I think the CPU dependence should be enhanced.
Pricing and Cost Advice
Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide.
I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.
The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price.
The cost/benefit factor has great relevance in Cb Defense implementations.
Compared to other products and brands here in Mexico, the price is okay, somewhere in the middle. Our solution is unique in that it can adapt to a variety of pricing and licensing constraints considering we have the corporate, government, and academic mandates. The
Pricing and licensing for our country is very good. It's not that expensive and the endpoint security is very good. It's not as cheap as some others, but they are not as good.
We pay on a yearly basis...
Zero-day threat or advanced attacks should be part of the endpoint. The product should not require you to buy a separate license.
Each annual client license is around 1200 or 1600 INR.
Pricing and licensing are important to us when choosing a product.
It's not cheap.
It is the better product, even if it is a little on the higher side.
Symantec opened our eyes to be able to see what's out there, but then we needed Carbon Black to be able to actively fix it
What is our primary use case?We are a partner in the managed security service provider (MSSP) space. We service hundreds of customers globally. We implement these solutions on behalf of our customers. With Carbon Black, we've been using them for about six years. We're an MSSP and channel partner with them, as well as an incident response partner. We were like the second incident response company registered with them (through that program) to start using the cb Defense platform. We also integrate it with SIEM. However, we're using it in a managed service capacity. We usually implement it, then manage the platform for our clients long-term. It's used for traditional antivirus, real-time threat protection and prevention, and it also provides us with the ability to do more in-depth investigations into endpoints. With the product, we can do a bit of threat hunting along with managed detection and response. The platform works quite well using it in this capacity. With Symantec, we have been using it for about six years. We integrate it with our SIEM products. We have a lot of customers who actually run it, so we see it quite often. We collect a lot of data from Symantec and help with responding to anything that Symantec finds. We've had a chance to use the product quite a lot.
What is most valuable?The biggest feature out of Carbon Black is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified… Read more »
out of 56 in Endpoint Protection for Business
Average Words per Review
out of 56 in Endpoint Protection for Business
Average Words per Review
Compared 13% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 27% of the time.
Compared 10% of the time.
Compared 8% of the time.
Also Known As
|Bit9, Confer||Symantec AntiVirus|
CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.
Symantec Endpoint Protection is a powerful endpoint antivirus software solution, which provides multiple layers of protection against all types of known and unknown threats. Powered by SONAR and Symantec Insight, Symantec Endpoint Protection combines all the security tools that you could require into one proactive solution.
It integrates antivirus, firewall, antispyware, intrusion prevention, application control and device control, and allows you to manage all of these tools centrally from one agent. Upgrades happen automatically, and the software offers seamless migration from previous versions.
This solution maximizes the security and performance of physical and virtual systems, and is compatible with multiple operating systems, such as Windows, Mac and Linux. Symantec Endpoint Protection is recommended for environments with more than 250 users.
Learn more about Carbon Black CB Defense
Learn more about Symantec Endpoint Protection (EPP)
|Twitter, Trip Advisor, Subaru. Samsung, Nissan, Coca Cola, Adobe Sunoco||Audio Visual Dynamics, Red Deer Advocate, Asia Pacific Telecom Co. Ltd., Kibbutz Ein Gedi, and AMETEK, Inc.|
Financial Services Firm18%
Venture Capital & Private Equity Firm9%
Writing And Editing Position8%
Financial Services Firm31%
Comms Service Provider10%