Darktrace vs VMware Carbon Black Endpoint comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Darktrace and VMware Carbon Black Endpoint based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security.
To learn more, read our detailed Email Security Report (Updated: February 2024).
763,955 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The product is not resource-intensive.""Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency.""The two main features that prove most beneficial for us are URL scanning and attachment scanning.""Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks.""Microsoft Defender for Office 365's most valuable feature is its performance.""Does a thorough job of examining email and URLs for malicious content.""It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased.""The deployment capability is a great feature."

More Microsoft Defender for Office 365 Pros →

"It is a stable solution without downtime.""The NDR is good in their solution and they have NTG for email.""It is a stable solution.""The most valuable feature is that it gives us visibility of rogue traffic that is on the network.""It is very stable and easy to use.""It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk.""The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff.""We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."

More Darktrace Pros →

"CB Defense is more powerful, and you can take more actions than others. Its security features and signatures are constantly updated, so it is more effective than other security solutions.""This product has the capability of uploading scripts to the tool and this is a very comprehensive feature.""Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading.""We can access computers remotely if we need to.""It actually does some heuristics, and some behavioral analysis.""The tool is pretty stable.""The software uses very few resources; it is almost invisible to the end user.""The most valuable feature is that it detects and stops malicious executables."

More VMware Carbon Black Endpoint Pros →

Cons
"The XDR dashboard has room for improvement.""The phishing and spam filters could use some improvement.""Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once.""We need a separate license and we don't know how to get the license that is required.""You should be able to deploy Defender for every subscription without the need to add servers.""There is room for improvement in terms of reporting.""The UI needs to be more user-friendly.""Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."

More Microsoft Defender for Office 365 Cons →

"Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration.""Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection.""Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides.""It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.""I think there is some MSSP missing.""One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network.""Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking.""The product doesn't have an endpoint agent that can react to triggers set on the device,"

More Darktrace Cons →

"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out.""What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates.""I would personally give the tech support a rating of seven out of ten.""It would be nice to have additional forensic tools that you can build into the back end.""It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls.""The product's stability could be improved.""In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it.""A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts."

More VMware Carbon Black Endpoint Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."
  • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It is inexpensive considering what it can do and the competition."
  • "The pricing is a little high compared to the competition."
  • "Our customers feel that the price of Darktrace is quite high compared to other solutions."
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "When it comes to large installations, it can be expensive, but for small accounts it's fine."
  • "It is a very expensive product."
  • "It is expensive. I don't have the price for other competitors."
  • "This solution is expensive."
  • More Darktrace Pricing and Cost Advice →

  • "​The cost/benefit factor has great relevance in Cb Defense implementations​."
  • "The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price."
  • "I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."
  • "Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
  • "We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
  • "The pricing [is] more or less the same as other similar solutions."
  • "It's reasonable in price"
  • "The price for the solution is completely at government level, meaning one which is very high."
  • More VMware Carbon Black Endpoint Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Email Security solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various… more »
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Top Answer:A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet… more »
    Top Answer:I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR)… more »
    Top Answer:Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint… more »
    Top Answer:The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market.
    Comparisons
    Also Known As
    MS Defender for Office 365
    Carbon Black CB Defense, Bit9, Confer
    Learn More
    Overview

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    Darktrace is a leading cybersecurity solution that leverages artificial intelligence and machine learning to provide advanced threat detection, response, and risk management capabilities. Many reviewers find Darktrace's AI and machine-learning capabilities to be valuable. They appreciate its ability to detect anomalies and threats that might go unnoticed by traditional security tools. Overall, the general sentiment towards Darktrace from reviewers is positive. Users seem to appreciate its scalability, stability, AI capabilities, visibility, and ease of use.

    Darktrace offers a proactive and intelligent approach to cybersecurity. It utilizes AI algorithms to learn and understand the 'pattern of life' for every user and device within a network. This understanding enables it to detect anomalies that could signify a cyber threat, from subtle insider threats to more obvious ransomware attacks.

    Its adaptability, autonomous response features, and comprehensive network visibility make it a top-tier solution for different sizes of organizations and across many industries. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021 and protects over 8,800 organizations globally from advanced cyber threats.

    Darktrace Cyber AI Loop

    The Darktrace Cyber AI Loop introduces an advanced artificial intelligence-based system for cybersecurity, designed to build a self-improving defense mechanism. This system functions like a closed loop, where each stage feeds information and insights into the next, amplifying the overall effectiveness of the platform.

    The key components of the loop are:

    • DETECT - An AI engine that monitors your network and endpoints for anomalous activity, constantly learning the normal behavior of your users and devices. It identifies suspicious patterns and potential threats in real-time, even from never-before-seen attacks.
    • PREVENT - This proactive arm analyzes vulnerabilities and identifies weaknesses in your IT infrastructure. It prioritizes patching and configuration changes to harden defenses before attackers can exploit those vulnerabilities.
    • RESPOND - When DETECT identifies a threat, RESPOND takes immediate action to contain and neutralize it. This can involve isolating compromised devices, disrupting attacker activity, and automatically escalating critical incidents to human analysts.
    • HEAL - This newest addition to the loop focuses on post-incident recovery. It automatically restores compromised systems, cleans infected files, and helps to prevent the attack from spreading further.

    Darktrace's AI algorithms can identify threats that traditional security tools might miss. It continuously learns and updates its understanding of what is normal for each environment, ensuring that it can quickly detect and respond to unusual activities that could indicate a breach. Darktrace's Antigena module can autonomously respond to threats in real time. This is particularly crucial in containing fast-moving threats like ransomware, where every second counts. 

      Darktrace's solution provides unparalleled visibility into all parts of the network, including cloud services, IoT devices, and industrial control systems. This comprehensive coverage ensures that no part of the network is left unprotected. However, while the Darktrace Cyber AI Loop offers a robust solution, it is not a complete cure-all and requires careful implementation and integration with existing security frameworks.Darktrace offers a comprehensive and unified approach to cybersecurity. It provides continuous protection against known and unknown threats, regardless of where they emerge. Darktrace's solutions provide visibility into your cloud infrastructure, continuous monitoring of application usage and communication patterns (e.g., identification of suspicious actions like unauthorized data access), comprehensive email security that goes beyond traditional spam and phishing filters, real-time protection for endpoints, and continuous monitoring of network traffic and device activity.

      Darktrace also provides specialized coverage to secure your zero-trust architecture. Identifies compromised identities, unauthorized access attempts, and risky data exfiltration within a least-privilege environment. Finally, it has a dedicated solution for safeguarding industrial control systems and critical infrastructure. Monitors communication patterns, device behavior, and physical access within OT environments, protecting against operational disruptions and cyberattacks.

      VMware Carbon Black Endpoint Security is a comprehensive endpoint protection platform (EPP) designed to safeguard enterprises from advanced cyber threats, malware, ransomware, and other forms of malicious attacks. Leveraging cloud-native architecture, it provides a robust set of tools to detect, prevent, investigate, and respond to cybersecurity incidents across environment. The solution stands out for its advanced behavioral analytics, real-time threat hunting, and customizable policies, making it a preferred choice for businesses seeking to fortify their defenses in the evolving cybersecurity landscape.

      Modernize Your Endpoint Protection

      Legacy approaches to prevention leave organizations exposed. Get an endpoint platform that helps you strengthen and unify security tools to see more and stop more.

      Simplify Your Security Stack

      By simplifying endpoint security capabilities with one endpoint agent and console, you can minimize downtime, respond to incidents and return critical CPU cycles back to the business.

      Operate with Confidence

      Modern environments are increasingly complex. VMware Carbon Black is a single source of truth that provides an intuitive understanding of your environment, enabling confident decisions.

      Sample Customers
      Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
      Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
      Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
      Top Industries
      REVIEWERS
      Manufacturing Company16%
      Computer Software Company16%
      Comms Service Provider13%
      Government6%
      VISITORS READING REVIEWS
      Computer Software Company17%
      Financial Services Firm9%
      Government7%
      Manufacturing Company7%
      REVIEWERS
      Financial Services Firm19%
      Computer Software Company13%
      Healthcare Company6%
      Manufacturing Company6%
      VISITORS READING REVIEWS
      Computer Software Company16%
      Financial Services Firm8%
      Government7%
      Comms Service Provider7%
      REVIEWERS
      Manufacturing Company20%
      Computer Software Company18%
      Financial Services Firm9%
      Construction Company9%
      VISITORS READING REVIEWS
      Computer Software Company15%
      Financial Services Firm10%
      Government9%
      Manufacturing Company7%
      Company Size
      REVIEWERS
      Small Business42%
      Midsize Enterprise16%
      Large Enterprise42%
      VISITORS READING REVIEWS
      Small Business29%
      Midsize Enterprise19%
      Large Enterprise51%
      REVIEWERS
      Small Business51%
      Midsize Enterprise20%
      Large Enterprise29%
      VISITORS READING REVIEWS
      Small Business30%
      Midsize Enterprise19%
      Large Enterprise52%
      REVIEWERS
      Small Business42%
      Midsize Enterprise15%
      Large Enterprise42%
      VISITORS READING REVIEWS
      Small Business26%
      Midsize Enterprise19%
      Large Enterprise55%
      Buyer's Guide
      Email Security
      February 2024
      Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security. Updated: February 2024.
      763,955 professionals have used our research since 2012.

      Darktrace is ranked 13th in Email Security with 32 reviews while VMware Carbon Black Endpoint is ranked 13th in EPP (Endpoint Protection for Business) with 23 reviews. Darktrace is rated 8.2, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Advanced threat detection but compatibility issues with some operating systems". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Intercept X Endpoint.

      We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.