We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The detection response and quarantining are very good features."
"The solution is simple to use and to integrate with IBM QRadar."
"This is a good solution that we recommend for customers."
"The solution is very easy to use."
"The UBA, User Behavior Analytics, is very good."
"Its flexibility is the most valuable."
"It's really simple and has a flexible interface."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"The implementation could be a bit simpler."
"The integration could be improved so that it is easy to integrate with other solutions."
"Its price needs improvement."
"The product needs a bit more development."
"The initial setup is complex."
"There is a license you need to pay for in order to use this product."
"It is very expensive."
CB Response is an industry-leading incident response and threat hunting solution designed
for security operations center (SOC) teams. CB Response continuously records and stores
unfiltered endpoint data, so that security professionals can hunt threats in real time and
visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s
aggregated threat intelligence, which is applied to the endpoint activity system of record for
evidence and detection of these identified threats and patterns of behavior.
The Resilient Incident Response Platform (IRP) is the leading platform for orchestrating and automating incident response processes.
The Resilient IRP quickly and easily integrates with your organization’s existing security and IT investments. It makes security alerts instantly actionable, provides valuable intelligence and incident context, and enables adaptive response to complex cyber threats.
Carbon Black CB Response is ranked 3rd in Security Incident Response with 2 reviews while IBM Resilient is ranked 2nd in Security Incident Response with 6 reviews. Carbon Black CB Response is rated 8.6, while IBM Resilient is rated 7.2. The top reviewer of Carbon Black CB Response writes "Malicious activity detection response and automatic quarantining for endpoint security of your environment ". On the other hand, the top reviewer of IBM Resilient writes "Easy to use with good stability but needs more documentation". Carbon Black CB Response is most compared with Carbon Black CB Defense, Secureworks Red Cloak Threat Detection and Response, Splunk Phantom and Cynet, whereas IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk Phantom, ServiceNow Security Operations and Fortinet FortiSOAR. See our Carbon Black CB Response vs. IBM Resilient report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.