"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"The most valuable feature is signature-based malware detection."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"We can access computers remotely if we need to."
"The product allows us to focus on endpoint and antivirus protection."
"The initial setup is pretty straightforward."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The new feature that we're deploying, the new offering from Carbon Black, is MDR, which stands for manage, detect, and response. It's the most valuable feature because Carbon Black will be continuously checking the logs, and they will be advising us on how to improve some of the policies as well as review the logs. If there are any nefarious agents or things happening on the end points, they will know."
"CB Defense is more powerful, and you can take more actions than others. Its security features and signatures are constantly updated, so it is more effective than other security solutions."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"The solution is very useful and easy to handle. You don't need much intervention with this product."
"Doesn't consume resources or affect the computer performance at all."
"The initial setup was straightforward. It took five minutes. I installed the solution myself."
"The solution has many features. It is very easy to define and set the policies based on the user groups, it does not take up a lot of resources in operation, and has provided us with a good track record of protection."
"The solution is very simple and straightforward to use."
"They have a lot of features integrated from way back, which shows that the product developers know exactly what they're doing."
"I like that Webroot is very lightweight. It didn't bog down the machine, and more importantly, it had heuristics artificial intelligence to some degree. It wasn't like full-blown artificial intelligence, but something where you have one endpoint recognizing issues because it maintains a cloud database. If one client recognizes a threat, it would add it to the database, and almost immediately, every agent in the world would also know about that threat. That was very appealing to us. However, now it's becoming commonplace, whereas ventures like Symantec and McAfee were based more on the traditional model of definition and updates, and we were always falling behind. Webroot also has pretty good technical support."
"It is very light. It is the only solution that can be installed on a machine that already has an antivirus. It is a pretty complete solution."
"There aren't any features that really stand out — I just want it to keep malware out of my system. To date, I haven't had any malware in my system."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"It could be improved in connection with artificial intelligence and IoT."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The GUI needs improvement, it's not good."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
"This product should be cheaper."
"In the next release, it would help if we can get better control over containers."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."
"There's some disparity between the on-premise and the cloud type of application."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."
"There should be a Webroot Business Endpoint Protection mobile app."
"Reporting system could be improved."
"Its detection capability for certain attacks should be improved. It should have better and wider detection for certain malware attacks. It could also have some sort of RMN."
"The solution could improve by providing better ransomware protection."
"We need to have a stronger defense against CryptoLock and other attackers."
"One of the biggest pain points is that it's not really ransomware-oriented. They will be able to catch some, but that's where Sentinel One is a better player compared to Webroot."
"I did notice that my OS slowed down, but I don't know if that's due to Webroot."
"I'm not happy with Webroot Business Endpoint Protection, for only one reason. It seems that it slows down my interface when I'm doing programming in Microsoft Access, tremendously."
More Webroot Business Endpoint Protection Pricing and Cost Advice →
Carbon Black CB Defense is ranked 10th in Endpoint Protection for Business (EPP) with 30 reviews while Webroot Business Endpoint Protection is ranked 23rd in Endpoint Protection for Business (EPP) with 11 reviews. Carbon Black CB Defense is rated 7.6, while Webroot Business Endpoint Protection is rated 7.6. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of Webroot Business Endpoint Protection writes "A scalable lightweight endpoint protection solution with good technical support". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Carbon Black CB Response and Darktrace, whereas Webroot Business Endpoint Protection is most compared with Microsoft Defender for Endpoint, SentinelOne, Sophos Intercept X, Fortinet FortiEDR and Comodo Advanced Endpoint Protection. See our Carbon Black CB Defense vs. Webroot Business Endpoint Protection report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.