Carbon Black CB Defense vs Crowdstrike Falcon Endpoint Security and XDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Carbon Black CB Defense and Crowdstrike Falcon Endpoint Security and XDR based on real PeerSpot user reviews.

Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Carbon Black CB Defense vs. Crowdstrike Falcon Endpoint Security and XDR Report (Updated: January 2023).
670,523 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great.""Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there.""Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.""The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful.""The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected.""The most valuable feature is signature-based malware detection.""Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP.""The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."

More Cisco Secure Endpoint Pros →

"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs.""The solution is extremely scalable.""The solution is very useful and easy to handle. You don't need much intervention with this product.""We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing.""The product is pretty strong in terms of security and their features are very good in that respect.""One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it.""The best feature of this solution is that we have a live response, which is really tailored to our needs.""The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."

More Carbon Black CB Defense Pros →

"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution.""CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow.""The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it.""I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.""It is an easy product to deploy.""The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment.""The solution is silent and sits on your system as one single agent.""We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."

More Crowdstrike Falcon Endpoint Security and XDR Pros →

Cons
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself.""This product has issues with the number of false positives that it reports.""It could be improved in connection with artificial intelligence and IoT.""An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number.""They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need.""The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product.""We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way.""In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."

More Cisco Secure Endpoint Cons →

"A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts.""There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence.""I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others.""Integration is difficult, but CB Defense is more powerful than others. It is difficult to implement but easy to pick up many detections.""In the past, we've seen some stability issues in the latest version releases. We tend to hang back one version just to make sure issues are fully resolved to avoid user disruption.""Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality.""With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue.""The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."

More Carbon Black CB Defense Cons →

"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool.""The performance could be better.""CrowdStrike should add support for ransomware protection.""The overall cost of CrowdStrike Falcon could be reduced.""CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve.""There are some areas where some customers would prefer a different service.""The product could be more accurate in terms of performance.""A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."

More Crowdstrike Falcon Endpoint Security and XDR Cons →

Pricing and Cost Advice
  • "Licensing fees are on a yearly basis and I am happy with the pricing."
  • "We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
  • "Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."
  • "The price is very fair to the customer."
  • "...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
  • "The pricing and licensing fees are okay."
  • "Because we do see the value of what it's bringing, I think they have priced it well."
  • "The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
  • More Cisco Secure Endpoint Pricing and Cost Advice →

  • "The price for the solution is completely at government level, meaning one which is very high."
  • "The license is annual. It's a standard license."
  • "Its pricing was very good, which is one of the reasons I went to it as an alternative. It is on a yearly basis. There are no additional fees."
  • "This is a really expensive product and we pay licensing fees on a yearly basis."
  • "It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."
  • "The licensing cost is on the more expensive side, but I thought it was worth it because they did a good job. It was one of the vendors I truly didn't have to worry about too much until this latest upgrade."
  • "In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive."
  • "The pricing is annually based and operates through another department than mine."
  • More Carbon Black CB Defense Pricing and Cost Advice →

  • "We bought a very small number of licenses, then ran it for a year. We bought a 100 licenses for a year, so we didn't actually do a proof of concept. We just bought them. Then, the next year, we bought 10,000 licenses."
  • "It is an expensive product, but I think it is well worth the investment."
  • "The pricing is not bad. It's on the higher end of the market, but you get what you pay for."
  • "The pricing is definitely high but you get what you pay for, and it's not so high that it prices itself out of the market."
  • "The pricing and licensing are fairly good. It is definitely not a cheap product, but I have felt that it is worth the money that we spent. So, we have discussed it in the past, and were like, "Yes, it is probably pricier than some other solutions, but we also feel they really are the leader. We are very comfortable with their level of expertise. So, it's kind of worth the price that we pay.""
  • "With respect to pricing, my suggestion to others is to evaluate the environment and purchase what you need."
  • "The pricing and licensing are reasonable. I don't think we are getting charged more than what it is worth. It is fair, but I do not like how it is a la carte. I realize they do that so other organizations can buy and get the agent, getting it cheaper than you could otherwise. However, if you want the main core package, which has all the main features with the exception of maybe the multi-cloud protections, that can get pricier for an organization. So, you have to pick and choose what you want. I do not care for a la carte pricing."
  • "Pricing and licensing seem to be in line with what they offer. We are a smaller organization, so pricing is important. Obviously, we would make a business case if it is something we really needed or felt that we needed. So, the pricing is in line with what we are getting from a product standpoint."
  • More Crowdstrike Falcon Endpoint Security and XDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    670,523 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The most valuable feature is signature-based malware detection.
    Top Answer:Licensing fees are on a yearly basis and I am happy with the pricing.
    Top Answer:The GUI needs improvement, it's not good. There are false positives in emails. At times, the emails are blocked and… more »
    Top Answer:I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR)… more »
    Top Answer:Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint… more »
    Top Answer:I think the one thing you want to do is to review how much each solution will help you reduce your investigative… more »
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Comparisons
    Also Known As
    Cisco AMP for Endpoints
    Bit9, Confer
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Learn More
    Overview

    Cisco Secure Endpoint is a cloud-managed endpoint security solution that provides advanced protection against viruses, malware, and other cyber threats by detecting, preventing, and responding to threats. Cisco Secure Endpoint is managed online via a web-based management console and can be deployed on a variety of platforms. It protects endpoints, networks, emails, and web traffic.

    In a world of evolving threats, it’s necessary to put security above everything. Cisco Secure Endpoint provides you with the scope, scale, and capabilities to attain effective security with its integrated portfolio and industry-leading threat intelligence. Cisco Secure Endpoint continuously tracks and analyzes files and file activities across your systems - both remote and on premises - and compares these events to other events that occurred before or during past attacks. If a file exhibits malicious behavior, the tool sends an alert which enables you to stop a potential threat from succeeding.

    Key Capabilities of Cisco Secure Endpoint

    • Multi-layered protection: Cisco Secure Endpoint combines behavioral analytics, machine learning, and signature-based techniques to prevent threats from compromising your endpoints.

    • Powerful EDR capabilities: Reduce attack surface using advanced endpoint and extended detection and response, threat hunting, and endpoint isolation.

    • Dynamic malware analysis: Identify and block attacks in real time.

    • Simplified investigations: Advanced search capabilities help you get the information you need about your endpoints fast.

    Reviews from Real Users

    Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

    Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

    Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

    CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. 

    Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

    Request a free trial here: https://go.crowdstrike.com/try-falcon-prevent

    Offer
    Learn more about Cisco Secure Endpoint
    Learn more about Carbon Black CB Defense
    Get Fast and Easy Protection Against All Threats

    Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.

    Sample Customers
    Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
    Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
    Information Not Available
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Government11%
    Healthcare Company11%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider11%
    Government8%
    Financial Services Firm7%
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company13%
    Financial Services Firm13%
    Construction Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider9%
    Government8%
    Financial Services Firm8%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm18%
    Energy/Utilities Company7%
    Comms Service Provider5%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider9%
    Financial Services Firm8%
    Government7%
    Company Size
    REVIEWERS
    Small Business34%
    Midsize Enterprise23%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise18%
    Large Enterprise56%
    REVIEWERS
    Small Business40%
    Midsize Enterprise15%
    Large Enterprise46%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise19%
    Large Enterprise54%
    REVIEWERS
    Small Business34%
    Midsize Enterprise24%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise18%
    Large Enterprise57%
    Buyer's Guide
    Carbon Black CB Defense vs. Crowdstrike Falcon Endpoint Security and XDR
    January 2023
    Find out what your peers are saying about Carbon Black CB Defense vs. Crowdstrike Falcon Endpoint Security and XDR and other solutions. Updated: January 2023.
    670,523 professionals have used our research since 2012.

    Carbon Black CB Defense is ranked 11th in EPP (Endpoint Protection for Business) with 22 reviews while Crowdstrike Falcon Endpoint Security and XDR is ranked 2nd in EPP (Endpoint Protection for Business) with 56 reviews. Carbon Black CB Defense is rated 7.6, while Crowdstrike Falcon Endpoint Security and XDR is rated 8.6. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of Crowdstrike Falcon Endpoint Security and XDR writes "Speeds up the data collection for our phishing playbooks dramatically". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, SentinelOne, Trend Micro Deep Security, Secureworks Red Cloak Threat Detection and Response and Darktrace, whereas Crowdstrike Falcon Endpoint Security and XDR is most compared with Microsoft Defender for Endpoint, SentinelOne, Darktrace, Cortex XDR by Palo Alto Networks and Trend Micro XDR. See our Carbon Black CB Defense vs. Crowdstrike Falcon Endpoint Security and XDR report.

    See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.