We performed a comparison between Carbon Black CB Defense and CrowdStrike Falcon based on real PeerSpot user reviews.
Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"The most valuable feature is signature-based malware detection."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The product is pretty strong in terms of security and their features are very good in that respect."
"The new feature that we're deploying, the new offering from Carbon Black, is MDR, which stands for manage, detect, and response. It's the most valuable feature because Carbon Black will be continuously checking the logs, and they will be advising us on how to improve some of the policies as well as review the logs. If there are any nefarious agents or things happening on the end points, they will know."
"The solution is extremely scalable."
"The EDR and reports were helpful in improving our organization."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The threat analysis functionality is good."
"We can access computers remotely if we need to."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"Falcon's best feature is its detection and blocking of threats."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"Since we deployed CrowdStrike, the network has become much calmer, and we now understand the sources of infections, which helps us prevent them from spreading."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"I would like to see integration with Cisco Analytics."
"This product has issues with the number of false positives that it reports."
"The GUI needs improvement, it's not good."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The application control can be improved. It should also have an automatic update of the agents."
"The pricing could be more reasonable."
"The feature set for the firewall needs improvement."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"The local technical support is very poor, but the support from headquarters is very nice."
"This solution could have greater granular control on how certain applications work."
"There's some disparity between the on-premise and the cloud type of application."
"CrowdStrike Falcon could improve the EDR functionality. Once the functionality of the solution improves, it will be even better in the market and able to compete with Carbon Black."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"The Integration with tools, SOC tools, could be better."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"The overall cost of CrowdStrike Falcon could be reduced."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
Carbon Black CB Defense is ranked 11th in EPP (Endpoint Protection for Business) with 28 reviews while CrowdStrike Falcon is ranked 1st in EPP (Endpoint Protection for Business) with 48 reviews. Carbon Black CB Defense is rated 7.6, while CrowdStrike Falcon is rated 8.8. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of CrowdStrike Falcon writes "Speeds up the data collection for our phishing playbooks dramatically". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, SentinelOne, Trend Micro Deep Security, Carbon Black CB Response and Fortinet FortiEDR, whereas CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, SentinelOne, Cortex XDR by Palo Alto Networks, Darktrace and Trend Micro XDR. See our Carbon Black CB Defense vs. CrowdStrike Falcon report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
