Most Helpful Review
Find out what your peers are saying about Carbon Black CB Defense vs. Carbon Black Cb Response and other solutions. Updated: September 2019.
365,820 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is its ability to seek out abnormal activity and to create alerts.
The market information they gather from the community is really good. Their configuration capabilities are good.
Integration and scalability are the most valuable.
Carbon Black insures the probability that any ransomware will be stopped before spreading.
They're highly stable in comparison with other solutions I have.
The most valuable features are the threat-hunting and the batch console.
Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption.
The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread.
The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max.
It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM.
It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies.
Reporting is great, it is easy to do a quick search through 45 days of data for something of interest.
After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours.
It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another.
They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents
It's not simple.
The cloud console has a lot of bugs and issues in the analysis part.
The dashboard should be more user-friendly.
They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides...
The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.
Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty.
We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new.
The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface.
Pricing and Cost Advice
Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth.
We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag.
You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base.
out of 18 in Security Incident Response
Average Words per Review
out of 20 in Endpoint Detection and Response
Average Words per Review
Compared 91% of the time.
Compared 3% of the time.
Compared 2% of the time.
Compared 14% of the time.
Compared 13% of the time.
Compared 11% of the time.
Also Known As
|Fidelis Elevate Platform, Fidelis Enterprise, Fidelis Cloud|
|Carbon Black||Fidelis Cybersecurity|
CB Response is an industry-leading incident response and threat hunting solution designed
Fidelis Elevate integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.
Learn more about Carbon Black Cb Response
Learn more about Fidelis Elevate
|ALLETEbelk||First Midwest Bank|