We performed a comparison between Carbon Black CB Defense and Cisco Secure Endpoint based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product allows us to focus on endpoint and antivirus protection."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs."
"CB Defense is more powerful, and you can take more actions than others. Its security features and signatures are constantly updated, so it is more effective than other security solutions."
"The visibility provided has been great."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"The initial setup was fairly easy."
"The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"The solution would be more effective if there was a way to block automatically based on behavior."
"The solution needs expanded endpoint query tools."
"This solution could have greater granular control on how certain applications work."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"This product has issues with the number of false positives that it reports."
Carbon Black CB Defense is ranked 8th in EDR (Endpoint Detection and Response) with 24 reviews while Cisco Secure Endpoint is ranked 4th in EDR (Endpoint Detection and Response) with 13 reviews. Carbon Black CB Defense is rated 7.6, while Cisco Secure Endpoint is rated 8.6. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Trend Micro Deep Security and Darktrace, whereas Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, SentinelOne Singularity Complete and Symantec Endpoint Security. See our Carbon Black CB Defense vs. Cisco Secure Endpoint report.
See our list of best EDR (Endpoint Detection and Response) vendors and best EPP (Endpoint Protection for Business) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.