We compared Microsoft Defender for Endpoint and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: The reviews suggest that Microsoft Defender for Endpoint is commended for its simple installation process, seamless integration with Windows, and effective detection and correlation of threats. However, it may suffer from a lack of clarity in its licensing model and limitations in its user interface, security features, and customization options. On the other hand, VMware Carbon Black Endpoint may present a more challenging initial setup and higher pricing. Nevertheless, it offers advanced functionalities, robust protection against attacks, extensive integration possibilities, and a highly acclaimed EDR capability. It is noted that improvements are needed in terms of management, graphical user interface, compatibility, and technical support. Overall, both products possess their individual strengths and weaknesses.
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"NGAV and EDR features are outstanding."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The setup is pretty simple."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Forensics is a valuable feature of Fortinet FortiEDR."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"The solution provides protections and reports about strange behavior and automatically blocks some of it. I love the way that statuses are represented."
"Defender is stable. The performance is good."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery."
"There are some competitive products on the market, but the best is Microsoft Defender because it's very easy to integrate. That's one reason a lot of clients want Microsoft Defender. It's also very easy to implement compared to other solutions."
"We are able to productively integrate with existing on-prem, hybrid, or cloud applications."
"This product is flexible, and it is very easy to get updates from the Microsoft website."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The initial setup is pretty straightforward."
"It actually does some heuristics, and some behavioral analysis."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"It is a very complete platform."
"The visibility provided has been great."
"It has the best live response feature."
"The most valuable feature of the solution stems from the support it provides."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The only minor concern is occasional interference with desired programs."
"Cannot be used on mobile devices with a secure connection."
"I would like to see improvements made to how it secures activities on web pages."
"The initial setup can be a bit complex."
"At times, the other antivirus products are now doing AI, in terms of understanding the behavior of the system and determining when there's an anomaly. This is something that Defender can improve on."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
"We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory."
"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."
"I would like to see the next generation of the tool improved to work with other operating systems, like Linux."
"It could be easier when it comes to managing exceptions."
"Needs improvement in the area of infrastructure for on-premise installation."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"The tech support communicates, but it's just not with movement."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"The solution has to mature on container security and a lot of cloud environment security."
"In the next release, it would help if we can get better control over containers."
"The product's reporting capabilities are an area of concern where improvements are required."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 61 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.