We performed a comparison between Cybereason Deep Respond [EOL], ServiceNow Security Operations, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."We have 20,000 endpoints in our organization. It's very critical to monitor each and every device with any of our solutions. By deploying Cybereason, it collects all the information from every computer and it will feed it to the AI engine and do a malware check. It's very clear cut and we save a lot of time. It detects the problem very quickly and we can prevent an issue before it occurs."
"Reduces time to closure and closure metrics for vulnerabilities."
"The solution is stable."
"The solution is available over the cloud and is easy to manage."
"My favorite feature is the application vulnerability scanner."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"It's stable."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The solution does very well as a baseline EDR and provides good process-level management."
"They're highly stable in comparison with other solutions I have."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"It's all on the analysis part. They currently support from email only. If we have a problem with Cybereason like high memory utilization, for example, we send an email to their team and they respond when they see it, but there is no on-call support. They don't offer the ability to call them."
"It doesn't interact with things very well."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"There is room for improvement in terms of developer support and documentation."
"Process framework and best practices for ease of integration between IT and security teams via incident, problem, and change."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"Training and education for both partner and customer, including product marketing need to be improved."
"The cloud console has a lot of bugs and issues in the analysis part."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"The threat intelligence feed could use some fine tweaking."
"The dashboard should be more user-friendly."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"The solution can only handle about 500 bans or blocks."
More ServiceNow Security Operations Pricing and Cost Advice →
Earn 20 points