We performed a comparison between Rapid7 InsightConnect and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The UI-based analytics are excellent."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The machine learning and artificial intelligence on offer are great."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"It's pretty powerful and its performance is pretty good."
"The tool is stable. The initial setup is straightforward. The product is user-friendly."
"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"The solution does very well as a baseline EDR and provides good process-level management."
"Integration and scalability are the most valuable."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The on-prem log sources still require a lot of development."
"The product can be improved by reducing the cost to use AI machine learning."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"We are invoiced according to the amount of data generated within each log."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"The technical support should be improved."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The solution's support could be improved."
"The threat intelligence feed could use some fine tweaking."
"It's not simple."
"The solution can only handle about 500 bans or blocks."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
Rapid7 InsightConnect is ranked 22nd in Security Orchestration Automation and Response (SOAR) with 2 reviews while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. Rapid7 InsightConnect is rated 8.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Rapid7 InsightConnect writes "Excellent security orchestration and automation AI features". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". Rapid7 InsightConnect is most compared with Palo Alto Networks Cortex XSOAR, ThreatConnect Threat Intelligence Platform (TIP), CrowdStrike Falcon, ServiceNow Security Operations and Splunk SOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Splunk SOAR and Palo Alto Networks Cortex XSOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.