We performed a comparison between Trellix Helix and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is kind of simple and very easily deployable. You can start working with it very fast."
"I like that it's easy. It's got the protection set up, and we can see whatever is required. We write our own rules and the rules that we can input. I think it is good."
"The product offers very strong automation. Our cyber security analysts don't have to correlate the information to detect problems. They only need to analyze problems that have been identified by the platform."
"Trellix Helix helps prevent email attacks, like phishing and email spoofing attacks."
"The most valuable features include predefined use cases and threatening states."
"The integration is very useful and very easy. You can have an API connection with any cloud and I'll be able to do both ways of communication with the help of APA."
"FireEye Helix's best features are its speed and use of an easy-to-understand language to send queries to the raw logs."
"The initial setup is very easy."
"It uses machine learning and behavioral analytics for advanced threat detection and response."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"I like the historical features, interface, and integration."
"The product enables device controls, helping us protect the devices and prevent data leakages."
"I feel that the initial setup was straightforward and not complex."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"FireEye Helix would be improved with the option of an on-prem version, which they don't currently offer."
"The graphical user interface could be improved. It's not easy to handle and it's not easy for a customer or end-user to learn how to manage the solution."
"We have certain challenges with integrating the SOAR platform with multiple vendors."
"It should have more cloud connectors. It could also be cheaper."
"Trellix Helix's configuration and learning could be improved to identify normal traffic from abnormal and to identify trusted domains."
"Sometimes the rules are disabled by FireEye, and we basically get it after the patch. I think there needs to be a better way of creating the application rules. I would like to see better pricing for our licensing."
"Integrations could be improved, and the dashboard could be a little better."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"Needs improvement in the area of infrastructure for on-premise installation."
"There's some disparity between the on-premise and the cloud type of application."
"There is room for improvement in the support and service team."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
Trellix Helix is ranked 6th in Security Incident Response with 7 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 61 reviews. Trellix Helix is rated 8.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Trellix Helix writes "Helps prevent email attacks, like phishing and email spoofing attacks". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Trellix Helix is most compared with LogRhythm SIEM, Microsoft Sentinel, Splunk Enterprise Security, Trellix ESM and IBM Security QRadar, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Symantec Endpoint Security. See our Trellix Helix vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.