We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The setup is pretty simple."
"The stability is very good."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The product's initial setup phase is very easy."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The price is low and quite competitive with others."
"It is an easy product to deploy."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"Its integration capability is valuable. It integrates easily with any OS."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"I like the Overwatch feature the most."
"The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"The most valuable feature of the solution stems from the support it provides."
"The solution is extremely scalable."
"This product has the capability of uploading scripts to the tool and this is a very comprehensive feature."
"There's lots of very useful documentation online to help troubleshoot and learn about the product."
"The product enables device controls, helping us protect the devices and prevent data leakages."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"ZTNA can improve latency."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Making the portal mobile friendly would be helpful when I am out of office."
"We'd like to see more one-to-one product presentations for the distribution channels."
"This solution is relatively expensive."
"The management of log aggregation is in need of improvement."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"I would like to see the machine learning feature enhanced."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The management reporting functionality needs to be improved."
"As the company has grown, the technical support has felt less personal."
"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."
"The solution needs expanded endpoint query tools."
"Carbon Black has limited capability to integrate with Rapid7."
"This product should be cheaper."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
"CB Defense could be more compatible with Linux, and its cloud provision could be improved."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 61 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Cortex XDR by Palo Alto Networks, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.