Carbon Black Cb Response vs Fidelis Enterprise

Carbon Black Cb Response is ranked 2nd in Security Incident Response with 3 reviews vs Fidelis Enterprise which is ranked 4th in Security Incident Response with 1 review. The top reviewer of Carbon Black Cb Response writes "Enhanced logging allowed us to quickly identify/resolve security issues". The top reviewer of Fidelis Enterprise writes "Quick search improves our hunt ability, but interface bug causes unscheduled reboots". Carbon Black Cb Response is most compared with Carbon Black Cb Defense, Fidelis Enterprise and SECDO Platform . Fidelis Enterprise is most compared with Symantec Data Loss Prevention, IBM Resilient and Forcepoint Data Loss Prevention.
Cancel
You must select at least 2 products to compare!
+Add products to compare
Most Helpful Review

Have A Question About Security Incident Response?

Our experts can help. 279,728 professionals have used our research on 6,322 solutions.

Quotes From Members Comparing Carbon Black Cb Response vs Fidelis Enterprise

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Pros
Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption.The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread.The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems.We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns.For setup, the server can be given to you as a VM image and with minimal configuration needed.We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts.​​The ability to isolate an endpoint with only the host name and a click of a button is a major time saver.

Read more »

It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM.It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies.Reporting is great, it is easy to do a quick search through 45 days of data for something of interest.After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours.

Read more »

Cons
The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation.Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty.The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now.The threat intelligence feed could use some fine tweaking.We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds.

Read more »

The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface.

Read more »

Pricing and Cost Advice
Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth.We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag.

Read more »

You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base.

Read more »

Have A Question About Security Incident Response?

Our experts can help. 279,728 professionals have used our research on 6,322 solutions.
Ranking
RANKING
Views
215
Comparisons
134
Reviews
3
Followers
25
Avg. Rating
8.7
Views
543
Comparisons
284
Reviews
1
Followers
152
Avg. Rating
7.0
Top Comparisons
Top ComparisonsSee more Carbon Black Cb Response competitors »
Compared 19% of the time.
See more Fidelis Enterprise competitors »
Also Known As
Also Known AsFidelis Cloud
Website/Video
Website/VideoCarbon Black
Fidelis Security Systems
OFFER
Learn more about Carbon Black Cb Response
Learn more about Fidelis Enterprise
Sample Customers
Sample Customers
Information Not Available
CISO of a major US city

Have A Question About Security Incident Response?

Our experts can help. 279,728 professionals have used our research on 6,322 solutions.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email