Try our new research platform with insights from 80,000+ expert users

Cybereason Endpoint Detection & Response vs VMware Carbon Black Cloud comparison

Cybereason and VMware are both solutions in the Endpoint Detection and Response (EDR) category. Cybereason is ranked #23 with an average rating of 8.2, while VMware is ranked #43 with an average rating of 8.0. Cybereason holds a 1.0% mindshare in EDR, compared to VMware’s 0.2% mindshare. Additionally, 89% of Cybereason users are willing to recommend the solution, compared to 93% of VMware users who would recommend it.
Cybereason Endpoint Detecti...
Read 21 Cybereason Endpoint Detection & Response reviews
  • 2,717 Views
  • 1,536 Comparison Views
89% willing to recommend
VMware Carbon Black Cloud
Read 18 VMware Carbon Black Cloud reviews
  • 374 Views
  • 286 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and VMware Carbon Black Cloud are two leading products in the endpoint detection and response market. Users find Cybereason more satisfying for its user experience and comprehensive support, while VMware Carbon Black Cloud is chosen for its advanced features.

Features: Cybereason Endpoint Detection & Response is known for its intuitive design, robust detection capabilities, and active monitoring. VMware Carbon Black Cloud provides advanced threat hunting features, machine learning integration, and enhanced threat detection capabilities.

Room for Improvement: Cybereason Endpoint Detection & Response needs to improve reporting and analytics for deeper insights, better integration with third-party tools, and finer control configurations. VMware Carbon Black Cloud users desire improvements in integration with third-party tools, enhanced control configurations, and better analytics.

Ease of Deployment and Customer Service: Cybereason Endpoint Detection & Response is straightforward to deploy with responsive customer service for quick setup and issue resolution. VMware Carbon Black Cloud has a more complex setup process and requires better customer support response times.

Pricing and ROI: Cybereason Endpoint Detection & Response is valued for its cost-effectiveness and ROI. VMware Carbon Black Cloud, though more expensive, is considered worth the investment due to its advanced features and capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud Report (Updated: April 2025).
Buyer's Guide
Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud
April 2025
Download the complete report
Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cybereason Endpoint Detecti...
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
8.0
Reviews Sentiment
7.9
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (34th)
VMware Carbon Black Cloud
Ranking in Endpoint Detection and Response (EDR)
43rd
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Security Incident Response (6th)
 

Mindshare comparison

As of May 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cybereason Endpoint Detection & Response is 1.0%, down from 1.2% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 0.2%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Chad Kliewer - PeerSpot reviewer
We can make more informed decisions on whether an action is malicious
The ease of use and dashboards are improving. We came in at a time when they were developing a new dashboard screen. Therefore, we have had some confusing times between the old and new dashboards. Knowing how the new one works, I have seen vast improvements with it. While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper. They are improving on this because I have seen some improvements in the user interface that helps with this. Part of it was moving two different screens into one, merging the two together. It is very good, but it is very technically detailed and would be harder for an entry-level person to decipher. However, improvements are being made. It leverages indicators of behavior to help us remediate faster against attacks. Sometimes, I wish there was more detail on why they consider it malicious.
Read full review
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The initial setup was easy and straightforward."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"What I find most valuable is the clarity of the platform."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The initial setup was straightforward."
"The initial setup process is straightforward."
More Cybereason Endpoint Detection & Response pros
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts.​"
"They're highly stable in comparison with other solutions I have."
"​The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
More VMware Carbon Black Cloud pros
 

Cons

"The network coverage becomes an issue most of the time."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
"I would like to see improvements on the operational side, specifically in grouping."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"Cybereason does not have sandbox functionality."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
More Cybereason Endpoint Detection & Response cons
"The solution can only handle about 500 bans or blocks."
"Training and education for both partner and customer, including product marketing need to be improved."
"The threat intelligence feed could use some fine tweaking."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"One area for improvement is the maturity of its vulnerability features."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
More VMware Carbon Black Cloud cons
 

Pricing and Cost Advice

"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing an eight."
"I do not have experience with the licensing of the product."
"This product is somewhat expensive and should be cheaper."
"We considered a few other solutions. Some were ridiculously overpriced, while others didn't have solutions for Mac endpoints. That was a deal-breaker because most of our organization is on Mac. It came down to two vendors: Cybereason and another. They had similar pitches and almost identical approaches, but in the end, Cybereason gave us the best value for our money."
"In terms of pricing, it's a good solution."
"I had to go through a third-party to purchase it, which I wasn't really pleased about."
"In terms of cost, this is a good choice for our needs."
"Though it is not the cheapest solution but it fits our budget. We pay an annual licensing fee."
More Cybereason Endpoint Detection & Response pricing and cost advice
"You need to pay for the licensing of the product. The pricing is costly."
"The solution is very inexpensive so there is great cost savings to using it."
"VMware Carbon Black Cloud is an expensive solution."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"Pricing for this solution could be made lower."
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
850,236 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
8%
Government
6%
Computer Software Company
18%
Financial Services Firm
12%
Real Estate/Law Firm
11%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
See all answers
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
See all answers
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
See all answers
 

Comparisons

Darktrace vs Cybereason Endpoint Detection & Response Logo
Darktrace vs Cybereason Endpoint Detection & Response
Compared 28% of the time
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 15% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 10% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 10% of the time
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response Logo
Kaspersky Endpoint Security for Business vs Cybereason Endpoint Detection & Response
Compared 5% of the time
More Cybereason Endpoint Detection & Response Competitors
Splunk SOAR vs VMware Carbon Black Cloud Logo
Splunk SOAR vs VMware Carbon Black Cloud
Compared 31% of the time
Rapid7 InsightIDR vs VMware Carbon Black Cloud Logo
Rapid7 InsightIDR vs VMware Carbon Black Cloud
Compared 28% of the time
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud Logo
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud
Compared 22% of the time
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud Logo
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud
Compared 20% of the time
More VMware Carbon Black Cloud Competitors
 

Product Reports

Buyer's Guide
Cybereason Endpoint Detection & Response
May 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
Buyer's Guide
VMware Carbon Black Cloud
April 2025
VMware Carbon Black Cloud reportDownload VMware Carbon Black Cloud product report
 

Also Known As

Cybereason EDR, Cybereason Deep Detect & Respond
Carbon Black CB Response
 

Overview

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason
Fortify Endpoint and Workload Protection Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response. Recognize New Threats Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past. Simplify Your Security Stack Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.
VMware
 

Sample Customers

Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
ALLETE belk
Buyer's Guide
Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud
April 2025
Free Report: Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud
Find out what your peers are saying about Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,236 professionals have used our research since 2012.
See our Cybereason Endpoint Detection & Response vs. VMware Carbon Black Cloud report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.