No more typing reviews! Try our Samantha, our new voice AI agent.

Galvanize IncidentBond [EOL] vs VMware Carbon Black Cloud comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Galvanize IncidentBond [EOL]
Average Rating
9.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
VMware Carbon Black Cloud
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
19
Ranking in other categories
Security Incident Response (4th), Endpoint Detection and Response (EDR) (57th)
 

Featured Reviews

DE
Information Security Engineer at a financial services firm with 1,001-5,000 employees
Customization and transparency of data, while maintaining a mostly user-friendly UI
Sadly, I can’t provide specific examples due to the nature of the content of the improvements. I will say that, prior to implementation, and post-implementation, we saw a nearly 800% increase in volume of completed and correctly completed documentation in regards to specific tasks being completed. Rsam puts the workflow first, and lets the record follow it. It literally puts a task on rails and the person needing to do the work only need respond to the prompts accordingly and let Rsam automate the rest. The data is cleaner, more uniform, and there’s simply more of it created more quickly, as a result.
reviewer2771742 - PeerSpot reviewer
Sec consultant at a tech services company with 5,001-10,000 employees
Has supported consistent deployment across departments but needs better OS compatibility and detection performance
I am not really looking for a new solution, actually, I was preparing for an interview and wanted to have a comparison between both tools. I have not worked with any of these products before, but we had a training demonstration yesterday with Dynatrace, and I have investigated the Wiz solution better. In terms of experience, it will be my first time with CDR. I am working with something for EDR, specifically, we have an EDR, it's VMware Carbon Black Cloud. They have a hybrid environment, both on-prem and cloud. I would usually recommend this product for big companies, because it's not cheap, so only big companies would I expect to pay for that. The review rating for VMware Carbon Black Cloud is 6 out of 10.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Rsam puts the workflow first, and lets the record follow it, literally putting a task on rails so the person needing to do the work only needs to respond to the prompts accordingly and let Rsam automate the rest."
"The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."
"The solution does very well as a baseline EDR and provides good process-level management."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"The enhanced logging and data analysis of the incident response and investigation components allowed us to quickly identify and resolve security issues before they could spread."
"Carbon Black is the leader in the market on many web boards."
"Carbon Black insures the probability that any ransomware will be stopped before spreading."
"​The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"With this solution, you can do so remotely; this is valuable because you don't have to bring the computer onsite to analyze it and it decreases response time by about 40 percent."
 

Cons

"Hands down, if Rsam adopted a more industry proper "End of life – Deprecated – Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual."
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."
"The education and awareness of customers here in Vietnam for Carbon Black CB Response is not good at the moment."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"One of the big issues we're facing is that their solution doesn't support multi-tenants."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The solution can only handle about 500 bans or blocks."
"If Carbon Black could improve in the area or reducing the number of false positives or if there was a better way to filter out false positives that would enhance efficiency and utility."
"The biggest issue I encountered was one where old logs were not being overwritten as expected so the system drive kept filling up from time to time. However, support was usually quite responsive and happy to jump on a remote session to take a look at it for us. That log bug has probably been resolved with an update by now."
"It's not highly available, so you have to have a core server."
 

Pricing and Cost Advice

Information not available
"You need to pay for the licensing of the product. The pricing is costly."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"VMware Carbon Black Cloud is an expensive solution."
"The solution is very inexpensive so there is great cost savings to using it."
"Pricing for this solution could be made lower."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
report
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
904,054 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Construction Company
14%
Comms Service Provider
10%
Financial Services Firm
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise9
 

Questions from the Community

Ask a question
Earn 20 points
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What needs improvement with Carbon Black CB Response?
I see room for improvement as I remember some problems on compatibility with some operating systems; I recall we couldn't upgrade because the sensor was not compatible, and the latest VMware Carbon...
 

Also Known As

IncidentBond, Rsam SIRP, Rsam Incident Management, Rsam Security Incident Response Platform
Carbon Black CB Response
 

Overview

 

Sample Customers

Information Not Available
ALLETE belk
Find out what your peers are saying about ServiceNow, Trellix, Proofpoint and others in Security Incident Response. Updated: July 2026.
904,054 professionals have used our research since 2012.