We performed a comparison between ServiceNow Security Operations and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"The solution is available over the cloud and is easy to manage."
"Reduces time to closure and closure metrics for vulnerabilities."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"The ease of use is great."
"The solution is stable."
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The detection response and quarantining are very good features."
"The solution does very well as a baseline EDR and provides good process-level management."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"For setup, the server can be given to you as a VM image and with minimal configuration needed."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"The initial setup is difficult."
"It doesn't interact with things very well."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"Training and education for both partner and customer, including product marketing need to be improved."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The cloud console has a lot of bugs and issues in the analysis part."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"The solution can only handle about 500 bans or blocks."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
More ServiceNow Security Operations Pricing and Cost Advice →
ServiceNow Security Operations is ranked 3rd in Security Incident Response with 14 reviews while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. ServiceNow Security Operations is rated 8.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, IBM Resilient and Fortinet FortiSOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Splunk SOAR and Palo Alto Networks Cortex XSOAR. See our ServiceNow Security Operations vs. VMware Carbon Black Cloud report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.