We performed a comparison between CylanceOPTICS and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It is stable and scalable."
"The price is low and quite competitive with others."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is a bit early in our evaluation process to give proper feedback, although so far, the overall feedback is good."
"The most valuable feature is the ability to respond to zero-day and unknown threats."
"The initial setup was fairly straightforward. To get a large health care organization sorted, we had to create exemptions because some of the scripts and some of the automations were broken."
"CylanceOPTICS is easy to use."
"CylanceOPTICS is pretty stable."
"It's pretty unintrusive."
"Cylance is not a signature-based protection solution and instead works proactively using AI and ML models to patrol for malicious behavior."
"It automatically blocks the threats, helping us investigate if they harm the environment."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"Integration and scalability are the most valuable."
"The most valuable features are the threat-hunting and the batch console."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Making the portal mobile friendly would be helpful when I am out of office."
"The only minor concern is occasional interference with desired programs."
"The solution should address emerging threats like SQL injection."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The tools are ineffective. It flags a lot of things. To give you an example, it detected Google Chrome and blocked the user's access to it. That it mistook for malicious, which turned out to be a false positive."
"CylanceOPTICS could benefit from more granular control in the timeline-building process. Ideally, users would be able to drill deeper into the analysis rather than have the machine dictate the direction."
"Too many false positives are reported."
"Our customers would like to see more automation with respect to how threats are handled once they have been detected."
"The product's initial setup process could be easy."
"One minor issue that somebody mentioned was that they didn't like their management console."
"The technical support could be improved although it's probably better than you get with a lot of the other traditional antivirus solutions."
"The product's technical support is slow."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"Training and education for both partner and customer, including product marketing need to be improved."
"One area for improvement is the maturity of its vulnerability features."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The dashboard should be more user-friendly."
"The solution can only handle about 500 bans or blocks."
CylanceOPTICS is ranked 33rd in Endpoint Detection and Response (EDR) with 10 reviews while VMware Carbon Black Cloud is ranked 28th in Endpoint Detection and Response (EDR) with 18 reviews. CylanceOPTICS is rated 7.6, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of CylanceOPTICS writes "Enables the isolation and inoculation of infected machines, offering a practical solution for dealing with threats and preventing their spread within the environment". On the other hand, the top reviewer of VMware Carbon Black Cloud writes "Shows promise for endpoint detection and response, with room for improvement in complexity and pricing". CylanceOPTICS is most compared with Microsoft Defender for Endpoint, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Splunk SOAR and Rapid7 InsightIDR. See our CylanceOPTICS vs. VMware Carbon Black Cloud report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hiya Paul, I'm a bit biased as we are partnered with Cynet Security. We've done extensive testing on Cynet 360 using two recipes: MITRE Framework and Atomic Red Team's collection of small, highly portable detection tests mapped to MITRE ATT&CK®. Value Proposition is very good with a 24/7 SOC support. Fully automated D&R agent with ability to integrate to external SIEM. Also has User Behaviour Analytics (UBA) which is helpful. But EDR comparison needs to be evaluated according to your company's needs. Not one size fits all. So I suggest you test drive both using the MITRE framework as we have. Many CISOs or Managers want an EDR that you install and forget, and I think Cynet is that. Additionally, the Deception module is an excellent honeypot for Advanced Persistent Threat (APT) Attacks. Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations (min 250 endpoints). And based on Gartner's Peer Insights EDR review, Cynet came #1 out of 51 vendors with an average rating of 5 out of 5. Sorry, we've done our eval on many EDR/XDR/MDRs and we've hit home with Cynet 360. Perhaps an on prem eval is in order. Cheers!!
If you're looking for a NextGen, Machine Learning & AI-driven Active EDR with automated remediation, that has not been breached and is backed by a one million USD ransomware warranty, contact me and I'll provide you with detailed comparisons between SentinelOne, Cylance and Carbon Black, showing how SentinelOne is superior to both Cylance and Carbon Black.
It will also be my pleasure to demonstrate the SentinelOne solution to you.
The future of your company's cybersecurity is in your hands.
Paul,
While I've not used Carbon I have used Cylance and Optics for years before moving away from them in favor of a more robust and easy to manage solution. Cylance, IF properly configured, can stop the majority of attacks out there and incorporates machine learning. I would strongly suggest if you're reviewing EDRs that you also consider S1.
Cylance in order to compete with other platforms needs to have Cylance and Optics installed. Last I used it these were two separate components and still not integrated into the same client. That was the goal but never happened while I was a customer. Optics was confusing to use, confusing to configure. I've had ZERO issues like this with our S1 deployment and production use. The ML on this client has been superior to the Cylance ML model as well and I don't need multiple apps installed to accomplish the same end goal.
Cylance as an EDR failed for me, I loved the ML machine learning for the antivirus and malware/ ransomware protection and such but as an EDR there're WAY better choices on the market.
Hope this helps.
| Capability | Cylance | Carbon Black |
| --- | --- | --- |
| Leverages local ML Model | Yes | No |
| Leverages cloud ML Model | Not required but adds to efficacy | No |
| Predictive Advantage | Yes | No |
| Prevents attacks from zero-day threats | Yes | Partial |
| Daily or frequent updates | No | Yes |
| Allows malware to execute | No | Yes |
| Cloud vs. On-Premise Mgmt | Cloud & On-Premise | On-Premise |
| Single Agent | Yes | No |
| Scale of Agents | Infinite | Limited |
| Single Console | Yes | No |
| Requires continual scans | No | Yes |
| Capable of convicting offline | Yes | No |
| Avg mem/cpu | <70MB/1% | High |
| Agent Update Cycle | Quarterly | Daily |
| ML Update Cycle | 3x Yearly | N/A |