Carbon Black and Cylance Comparison for EDR


I'm a Senior Manager - Security Monitoring and Incident Response at a large manufacturing company.

I am looking for thoughts from those who may have done a comparative analysis on these two products within the last 6 months or so. Realizing these technologies have advanced rapidly over the past year or two, I would like to hear some current observations.

While I am interested in the value/functionality of the platforms, I am currently focused on assessments around EDR performance and ultimate functionality.

Thanks in advance for your thoughts.

ITCS user
44 Answers

Top 20, Real User

Hiya Paul, I'm a bit biased as we are partnered with Cynet Security. We've done extensive testing on Cynet 360 using two recipes: MITRE Framework and Atomic Red Team's collection of small, highly portable detection tests mapped to MITRE ATT&CK®. Value Proposition is very good with a 24/7 SOC support. Fully automated D&R agent with ability to integrate to external SIEM. Also has User Behaviour Analytics (UBA), which is helpful. But EDR comparison needs to be evaluated according to your company's needs. Not one size fits all. So I suggest you test drive both using the MITRE framework as we have. Many CISOs or Managers want an EDR that you install and forget, and I think Cynet is that. Additionally, the Deception module is an excellent honeypot for Advanced Persistent Threat (APT) Attacks. Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations (min 250 endpoints). And based on Gartner's Peer Insights EDR review, Cynet came #1 out of 51 vendors with an average rating of 5 out of 5. Sorry, we've done our eval on many EDR/XDR/MDRs and we've hit home with Cynet 360. Perhaps an on prem eval is in order. Cheers!!

Top 20, Real User

We didn't consider either of these. After demo and comparison from reviews of multiple EDR solutions, we came up with SentinelOne on top and are now POCing it as an endpoint solution.

Top 5 Leaderboard, Real User

If you're looking for a NextGen, Machine Learning & AI-driven Active EDR with automated remediation, that has not been breached and is backed by a one million USD ransomware warranty, contact me at cybersec@global.co.za and I'll provide you with detailed comparisons between SentinelOne, Cylance and Carbon Black, showing how SentinelOne is superior to both Cylance and Carbon Black.

It will also be my pleasure to demonstrate the SentinelOne solution to you.

The future of your company's cybersecurity is in your hands.

Top 5 Leaderboard, Reseller

Capability                              Cylance                            Carbon Black
Leverages local ML Model                Yes                                No
Leverages cloud ML Model                Not required but adds to efficacy  No
Predictive Advantage                    Yes                                No
Prevents attacks from zero-day threats  Yes                                Partial
Daily or frequent updates               No                                 Yes
Allows malware to execute               No                                 Yes
Cloud vs. On-Premise Mgmt               Cloud & On-Premise                 On-Premise
Single Agent                            Yes                                No
Scale of Agents                         Infinite                           Limited
Single Console                          Yes                                No
Requires continual scans                No                                 Yes
Capable of convicting offline           Yes                                No
Avg mem/cpu                             <70MB/1%                           High
Agent Update Cycle                      Quarterly                          Daily
ML Update Cycle                         3x Yearly                          N/A
