We performed a comparison between SECDO Platform and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."The most valuable feature is the analysis, because of the beta structure."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Forensics is a valuable feature of Fortinet FortiEDR."
"This is stable and scalable."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product detects and blocks threats and is more proactive than firewalls."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The ease of deployment is a valuable feature."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"The solution does very well as a baseline EDR and provides good process-level management."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"I haven't seen the use of AI in the solution."
"The solution should address emerging threats like SQL injection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Making the portal mobile friendly would be helpful when I am out of office."
"The support needs improvement."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Maybe the notifications setting could use a simpler setting."
"The price should be reduced in order to be more competitive in the market."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The dashboard should be more user-friendly."
"Additionally, it is complex to use, and the pricing should be improved."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The cloud console has a lot of bugs and issues in the analysis part."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
Earn 20 points
SECDO Platform is ranked 9th in Security Incident Response while VMware Carbon Black Cloud is ranked 2nd in Security Incident Response with 18 reviews. SECDO Platform is rated 9.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". SECDO Platform is most compared with Fortinet FortiSOAR and Palo Alto Networks Cortex XSOAR, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Splunk SOAR and Palo Alto Networks Cortex XSOAR.
See our list of best Security Incident Response vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.