Carbon Black CB Defense vs CrowdStrike Falcon comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Carbon Black CB Defense and CrowdStrike Falcon based on real PeerSpot user reviews.

Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Carbon Black CB Defense vs. CrowdStrike Falcon Report (Updated: May 2023).
710,793 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us.""The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices.""Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there.""The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful.""The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great.""It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted.""Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy.""Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."

More Cisco Secure Endpoint Pros →

"The best feature of this solution is that we have a live response, which is really tailored to our needs.""The initial setup is very easy.""The solution is stable.""The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs.""It is a scalable solution...The initial setup was straightforward.""The product is pretty strong in terms of security and their features are very good in that respect.""It is a very complete platform.""We can access computers remotely if we need to."

More Carbon Black CB Defense Pros →

"The scalability is good.""The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product.""CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems.""The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment.""The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control.""CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details.""Easy to use, intelligent, and stable threat detection software.""The most valuable feature of CrowdStrike Falcon is its accuracy."

More CrowdStrike Falcon Pros →

Cons
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through.""It could be improved in connection with artificial intelligence and IoT.""They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need.""An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number.""We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way.""Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better.""The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product.""Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."

More Cisco Secure Endpoint Cons →

"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others.""The local technical support is very poor, but the support from headquarters is very nice.""They will most likely need to create or include a feature that checks the network.""I am not sure whether Carbon Black CB Defense can be considered as a stable solution or not.""A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts.""The solution would be more effective if there was a way to block automatically based on behavior.""There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence.""Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."

More Carbon Black CB Defense Cons →

"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.""CrowdStrike Falcon could improve the EDR functionality. Once the functionality of the solution improves, it will be even better in the market and able to compete with Carbon Black.""CrowdStrike costs a little more than its competitors.""CrowdStrike Falcon could improve the logs by making them free to the API.""CrowdStrike should add support for ransomware protection.""CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good.""The performance could be better.""Forensic controls have room for improvement."

More CrowdStrike Falcon Cons →

Pricing and Cost Advice
  • "We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
  • "Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."
  • "The price is very fair to the customer."
  • "...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
  • "The pricing and licensing fees are okay."
  • "Because we do see the value of what it's bringing, I think they have priced it well."
  • "The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
  • "We had faced some license issues, but it has been improved. At the beginning of the implementation, we faced a lot of licensing issues, but now, we have EA licensing, which gives us an opportunity to grow."
  • More Cisco Secure Endpoint Pricing and Cost Advice →

  • "The license is annual. It's a standard license."
  • "Its pricing was very good, which is one of the reasons I went to it as an alternative. It is on a yearly basis. There are no additional fees."
  • "This is a really expensive product and we pay licensing fees on a yearly basis."
  • "It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."
  • "The licensing cost is on the more expensive side, but I thought it was worth it because they did a good job. It was one of the vendors I truly didn't have to worry about too much until this latest upgrade."
  • "In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive."
  • "The pricing is annually based and operates through another department than mine."
  • "CB Defense is available on a yearly subscription and is priced by the number of endpoints."
  • More Carbon Black CB Defense Pricing and Cost Advice →

  • "The price of CrowdStrike Falcon could be better. It is very expensive, we pay approximately $900 per month for the licenses. There are not any additional fees."
  • "The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."
  • "There is an annual license required to use this solution."
  • "We are on an annual subscription for the solution. There are not any additional costs."
  • "Annual licensing."
  • "The price of CrowdStrike Falcon is reasonable."
  • "The licensing model is straightforward. We choose the features we want and we then can download the package we want."
  • "There is no license required to use this solution."
  • More CrowdStrike Falcon Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    710,793 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP… more »
    Top Answer:On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the… more »
    Top Answer:I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR)… more »
    Top Answer:Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint… more »
    Top Answer:SentinelOne is hands down my recommended solution. SentinelOne has not been breached and offers upto $1,000,000… more »
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Comparisons
    Also Known As
    Cisco AMP for Endpoints
    Bit9, Confer
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Learn More
    Cisco
    Video Not Available
    Overview

    Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities.

    Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

    Learn more about Secure Endpoint: www.cisco.com/go/endpoint

    Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

    Reviews from Real Users

    Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

    Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

    Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

    CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. 

    Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

    Request a free trial here: https://go.crowdstrike.com/try-falcon-prevent

    Offer
    Learn more about Cisco Secure Endpoint
    Learn more about Carbon Black CB Defense
    Get Fast and Easy Protection Against All Threats

    Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.

    Sample Customers
    Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
    Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
    Information Not Available
    Top Industries
    REVIEWERS
    Computer Software Company12%
    Healthcare Company12%
    Comms Service Provider12%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government9%
    Financial Services Firm7%
    Comms Service Provider7%
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company16%
    Financial Services Firm11%
    Construction Company11%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government9%
    Financial Services Firm8%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm18%
    Comms Service Provider8%
    Insurance Company6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business32%
    Midsize Enterprise24%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise17%
    Large Enterprise55%
    REVIEWERS
    Small Business39%
    Midsize Enterprise16%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise18%
    Large Enterprise54%
    REVIEWERS
    Small Business33%
    Midsize Enterprise23%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise18%
    Large Enterprise57%
    Buyer's Guide
    Carbon Black CB Defense vs. CrowdStrike Falcon
    May 2023
    Find out what your peers are saying about Carbon Black CB Defense vs. CrowdStrike Falcon and other solutions. Updated: May 2023.
    710,793 professionals have used our research since 2012.

    Carbon Black CB Defense is ranked 15th in EPP (Endpoint Protection for Business) with 25 reviews while CrowdStrike Falcon is ranked 2nd in EPP (Endpoint Protection for Business) with 50 reviews. Carbon Black CB Defense is rated 7.6, while CrowdStrike Falcon is rated 8.6. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security, Secureworks Red Cloak Threat Detection and Response and Symantec Endpoint Security, whereas CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Darktrace and Trend Micro Deep Security. See our Carbon Black CB Defense vs. CrowdStrike Falcon report.

    See our list of best EPP (Endpoint Protection for Business) vendors, best Ransomware Protection vendors, and best EDR (Endpoint Detection and Response) vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.