Cisco Secure Endpoint vs VMware Carbon Black Endpoint comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Jul 10, 2023

Categories and Ranking

Fortinet FortiEDR
Ranking in Endpoint Detection and Response (EDR)
Average Rating
Number of Reviews
Ranking in other categories
No ranking in other categories
Cisco Secure Endpoint
Ranking in Endpoint Detection and Response (EDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (10th), Cisco Security Portfolio (7th)
VMware Carbon Black Endpoint
Ranking in Endpoint Detection and Response (EDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (17th), Security Incident Response (1st), Ransomware Protection (4th)

Mindshare comparison

As of June 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of Fortinet FortiEDR is 5.0%, up from 3.7% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.9%, down from 2.2% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 2.0%, down from 2.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
Unique Categories:
Endpoint Detection and Response (EDR)
Cisco Security Portfolio

Featured Reviews

Tintin Rahman - PeerSpot reviewer
May 1, 2023
Helped our organization by providing reports that identify network weaknesses
We are an incident response team, and we use Fortinet FortiEDR for our cyber protection-related activities Fortinet FortiEDR has helped our organization by providing reports that identify network weaknesses. With the proper training, the solution is easy to use. In some cases, the solution has…
Brad Wright - PeerSpot reviewer
Aug 3, 2023
Does a great job of allowing us to take the individual endpoint assets, do an inventory, and know what the normal state is
I think a large benefit of using Secure Endpoint is the ability to offload the personnel. We have a crisis in the country where we have too many jobs and there are not enough people, and using something like Secure Endpoint and integrating the Cisco ecosystem allows us to pull in all of this data into a single place and offset those people that we have to have to do the job. It allows us to do some threat hunting and make good decisions with good tools, and it's affordable. Secure Endpoint has decreased our time to remediate by providing the tools and the integrations we need so we can quickly look across our entire network, look for those threats, and actually make good decisions. Cisco Secure Endpoint provides us the scale to quickly reduce the time to find out about an event by integrating into different platforms and providing threat intelligence specifically from Talos so we could quickly find these things. Where things used to take days, we can now do things in hours. Cisco Secure Endpoint does a great job of allowing us to take the individual endpoint assets, do an inventory, and know what the normal state is, so we can have a delta when things change, and we can look for consistencies. And when those things change, we get alerts. We can know what's happening with those boxes. The great part about it is I was able to eliminate lots of other features of doing inventory management and spreadsheets and see what's going on. It's also allowing us to integrate all of the other secure malware antivirus-type platforms that do a single platform. And do threat hunting with that. Five out of five times, Secure Endpoint helps every customer I talk to improve their cybersecurity resilience. It provides integrations, it provides an affordable and easy-to-implement package where we can quickly talk to customers and work with them to get a solution in place. Logicalis does a great job of taking the package and not just installing it, but doing it in a way that a customer can understand how to use that platform afterward.
Luciano Batalha - PeerSpot reviewer
Jan 12, 2024
A simple tool that offers good performance and stability
I use VMware Carbon Black Endpoint for its capabilities related to EDR and antivirus support. The tool offers protection to me with its advanced antivirus technology. The tool also protects me from threats My company does benefit from the use of the solution since it detects live threats, malware…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"Ability to get forensics details and also memory exfiltration."
"The setup is pretty simple."
"The stability is very good."
"The price is low and quite competitive with others."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"Secure Endpoint has decreased our time to remediate by providing the tools and the integrations we need so we can quickly look across our entire network, look for those threats, and actually make good decisions."
"The solution's integration capabilities are excellent. It's one of the best features."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"The most valuable features of this solution are the IPS and the integration with ISE."
"I feel that the initial setup was straightforward and not complex."
"It actually does some heuristics, and some behavioral analysis."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"The most valuable feature is that it detects and stops malicious executables."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."


"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I haven't seen the use of AI in the solution."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"ZTNA can improve latency."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"It cannot currently block URLs over websites."
"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"In the next version of this solution, I would like to see the addition of local authentication."
"The endpoint machines need improvement."
"Carbon Black has limited capability to integrate with Rapid7."
"The device control feature could also be compatible with the user’s profile as well."
"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out."
"The UI interface needs improvement. The management needs further work in future versions."
"In our company, we also wanted to have network detection, like a host-based IDS on VMware Carbon Black Endpoint, but we did not get it."
"The solution needs better overall compatibility with other products."
"A search bar in the investigation page and some AI-related tasks like outgoing alerts, or recent tactics that are being used in the market, must be embedded in the tool so that it's easier to find alerts."

Pricing and Cost Advice

"The pricing is good."
"I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service."
"The hardware costs about €100,000 and about €20,000 annually for access."
"I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
"While the cost may have been high, we view it as a worthwhile investment due to Fortinet's reliability and long-term performance."
"Fortinet FortiEDR is available at a very competitive price compared to the other products in the market."
"I would rate the solution's pricing an eight out of ten."
"It's moderately priced, neither cheap nor expensive."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"​Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.​"
"It is an expensive solution."
"The price is very good."
"The price is very fair to the customer."
"It is quite cost-effective. I would rate it ten out of ten."
"It is a subscription-based product."
"The pricing and licensing fees are okay."
"Price-wise, VMware Carbon Black Endpoint is a highly-priced solution. Regarding the licensing cost of the solution, one needs to opt for an annual subscription."
"In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive."
"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
"The licensing cost is on the more expensive side, but I thought it was worth it because they did a good job. It was one of the vendors I truly didn't have to worry about too much until this latest upgrade."
"VMware Carbon Black Endpoint is an expensive product."
"The price for the solution is completely at government level, meaning one which is very high."
"The platform is expensive."
"The product is quite reasonable."
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
787,817 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Computer Software Company
Manufacturing Company
Financial Services Firm
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Financial Services Firm
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

What's the difference between Fortinet's FortiEDR and FortiClient?
I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protectio...
What do you like most about Fortinet FortiEDR?
We have FortiEDR installed on all our systems. This protects them from any threats.
What is your experience regarding pricing and costs for Fortinet FortiEDR?
The pricing of the solution is on the high end compared to its offerings and capabilities.
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) s...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoin...
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.

Also Known As

enSilo, FortiEDR
Cisco AMP for Endpoints
Carbon Black CB Defense, Bit9, Confer

Learn More

Video not available



Sample Customers

Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about Cisco Secure Endpoint vs. VMware Carbon Black Endpoint and other solutions. Updated: June 2024.
787,817 professionals have used our research since 2012.