We compared Cybereason Endpoint Detection & Response and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Cybereason offers both manual and automated setup options with varying deployment times, while Carbon Black has a straightforward setup process that might pose challenges for some users. Cybereason provides a user-friendly interface and highly regarded support, whereas Carbon Black offers advanced functionalities like continuous monitoring of logs and integration with other security tools. However, Cybereason is criticized for resource consumption and needs improvement in reporting features, while Carbon Black requires better node management and enhancements in GUI and troubleshooting. Cybereason is considered manageable and cheaper compared to larger competitors in terms of pricing, while Carbon Black is generally pricier.
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The setup is pretty simple."
"The stability is very good."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The solution was relatively easy to deploy."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The initial setup was easy and straightforward."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"The initial setup process is straightforward."
"It gives all the information in a clear response."
"I like its protection very much. It protects and allows us to lock the environment pretty tightly. Nothing that is not approved through Carbon Black can run in the environment. There is no default. Everything goes through Carbon Black Protect, and everything has to be first approved. Every software is considered to be guilty before prove innocent."
"I feel that the initial setup was straightforward and not complex."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"The most valuable feature is that it detects and stops malicious executables."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"VMware Carbon Black Endpoint is a highly stable solution."
"The most valuable feature of the solution stems from the support it provides."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"The only minor concern is occasional interference with desired programs."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I haven't seen the use of AI in the solution."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"I feel that the product lacks reporting features and needs improvement."
"The reporting feature needs improvement."
"They need to improve their technical support services."
"There can be problems with the EDI."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"Cybereason does not have sandbox functionality."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"The local technical support is very poor, but the support from headquarters is very nice."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"The EDR portion could be better. I'm not a big fan, but it works."
"Its compatibility can be improved. It did crash a server during deployment, which is not something that I want to happen. Its deployment should also be easier. The whole deployment cycle needs to be simplified. It is an enterprise solution, and to set it up right now, you have to be an expert."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"Performing a malware scan usually takes a lot of time, more than 24 hours."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 42nd in Endpoint Protection Platform (EPP) with 19 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 61 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and CylancePROTECT, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks. See our Cybereason Endpoint Detection & Response vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.