No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Secure Cloud Analytics [EOL] vs VMware Carbon Black Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco Secure Cloud Analytic...
Average Rating
8.6
Number of Reviews
7
Ranking in other categories
No ranking in other categories
VMware Carbon Black Endpoint
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
65
Ranking in other categories
Endpoint Protection Platform (EPP) (31st), Security Incident Response (6th), Endpoint Detection and Response (EDR) (31st), Ransomware Protection (8th)
 

Featured Reviews

SP
Security Analyst at Orange España
Efficiently generates alerts for suspicious activities and scales easily
There are two areas of improvement. Firstly, extend the log retrieval limit to at least three months. For example, there is a limit on the number of log messages that can be received. So, I would like to expand the log retrieval limit. And another thing, if we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration. If a new user wants to learn how it should work, how policies work, and where we can configure policies, there should be some learning material for this product.
PM
CTO at Microsoft
Improved incident investigation has supported response while core protection still needs progress
VMware Carbon Black Endpoint does not have easy integration, as there are many complexities with the Ribitava API, which is very deep. I rate this solution overall as a five or six on a scale from one to ten. I have integrated VMware Carbon Black Endpoint with other tools that are helpful. I think this solution should be targeted at small clients, because adoption will grow more with small businesses tomorrow.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."
"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."
"Cisco Stealthwatch Cloud is scalable because it is on the cloud."
"We were able to prevent an electric fraud of almost $200,000."
"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."
"Monitoring the traffic, making sure you have the visibility."
"My advice to others is Cisco has great solutions and I would recommend them."
"I would recommend Cisco Stealthwatch Cloud 100 percent."
"The most valuable feature is that it detects and stops malicious executables."
"The capabilities of this tool are almost limitless."
"The cost/benefit factor has great relevance in Cb Defense implementations."
"It is a very complete platform."
"CB Defense is more powerful, and you can take more actions than others, and its security features and signatures are constantly updated, so it is more effective than other security solutions."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
 

Cons

"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."
"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."
"The initial setup of Cisco Stealthwatch Cloud is complex."
"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface."
"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."
"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."
"The product's price is high."
"The initial setup is a bit complex in terms of deployment and configuration."
"A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts."
"I am not sure whether Carbon Black CB Defense can be considered as a stable solution or not."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"Sometimes the solution blocks items that were previously approved and we don't know why."
"The solution would be more effective if there was a way to block automatically based on behavior."
"The product's stability could be improved."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
 

Pricing and Cost Advice

"Cisco Stealthwatch Cloud is an expensive enterprise solution."
"The solution is quite expensive."
"The price of Cisco Stealthwatch Cloud is expensive."
"​The cost/benefit factor has great relevance in Cb Defense implementations​."
"I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."
"In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive."
"The solution has almost the same price as other different kinds of infrastructures, but it offers a lot of different features."
"This is a really expensive product and we pay licensing fees on a yearly basis."
"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
"It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."
"The product’s price is less expensive than other vendors."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
903,182 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
15%
Manufacturing Company
13%
Performing Arts
11%
Outsourcing Company
8%
Financial Services Firm
10%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise2
Large Enterprise6
By reviewers
Company SizeCount
Small Business31
Midsize Enterprise9
Large Enterprise33
 

Questions from the Community

Ask a question
Earn 20 points
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What is your experience regarding pricing and costs for Carbon Black CB Defense?
My rating for the pricing of VMware Carbon Black Endpoint is that it is not cheap, but it is also not as inexpensive as I would prefer.
 

Also Known As

Cisco Stealthwatch Cloud, Observable Networks
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

Options, Schneider Electric, Washington University in St Louis, Gotcha, Kraft Kennedy, PartnerRe, Sumologic, Veterans United, AFGE, Agraform, Artesys, Dynamic Ideas Financials, Department of Agriculture and Commerce
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about Fortinet, Darktrace, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2026.
903,182 professionals have used our research since 2012.