We performed a comparison between D3 Security, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"The solution is very reliable."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"I have found the solution very useful, it integrates well with other platforms."
"They have a portal where you can find any kind of integration that you need."
"The solution is easy to deploy."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"It’s easy to install."
"The solution does very well as a baseline EDR and provides good process-level management."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The detection response and quarantining are very good features."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"It is nice when you're in a situation where you think someone's device is compromised and that there's some malware getting into your fleet."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The tool’s multi-tenancy feature must be improved."
"There should be an on-premise version available for customers to have different choices."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"There is room for improvement in terms of the pricing model."
"Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations."
"We need a little hands-on experience to install the solution."
"The configuration of the solution could improve it is difficult."
"It's not simple."
"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"One area for improvement is the maturity of its vulnerability features."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
"The dashboard should be more user-friendly."
"The threat intelligence feed could use some fine tweaking."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →