We performed a comparison between IBM Resilient and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Stability-wise, I rate the solution a ten out of ten...Scalability-wise, I rate the solution a ten out of ten."
"The solution is very easy to use."
"The solution is easy to use."
"It is a stable solution...It is a scalable solution."
"The product is very good at incident response."
"The most valuable thing about it is how easy it is to navigate the user interface."
"Its flexibility is the most valuable."
"The solution is simple to use and to integrate with IBM QRadar."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The triage feature that shows you the whole chain of the malware is useful."
"I like its reporting."
"Carbon Black Cb Defense has a nice component called Alert Triage. It contains full details of the process execution "kill chain" and "go live" for immediate remediation."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"One thing to improve is how it handles data formats, which currently might require scripting for conversion to CSV before uploading."
"This product could be improved with better customization. This product isn't the best on the market like QRadar, but it's actually a good solution. However, some competitors' solutions contain more integration, support, automation, or flexibility."
"What could make IBM Resilient better is if IBM increased the number of built-in integrations with different products from other vendors or third-party products."
"Integrating IBM Resilient with other applications can be very difficult and technically challenging. Often, they use the excuse that you are using the latest version of an application, such as an endpoint security system, and they don't have an API or support for it at the moment. There is no automation in the SOAR solution."
"IBM Resilient could integrate better with my tools."
"The ability to analyze incidents needs to be improved in the solution."
"IBM Resilient is quite complex, including its configuration."
"The initial setup is complex."
"The feature set for the firewall needs improvement."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"The application control can be improved. It should also have an automatic update of the agents."
"Carbon Black has limited capability to integrate with Rapid7."
"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."
"It would be nice to have additional forensic tools that you can build into the back end."
"The EDR portion could be better. I'm not a big fan, but it works."
IBM Resilient is ranked 4th in Security Incident Response with 17 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 61 reviews. IBM Resilient is rated 7.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of IBM Resilient writes "Simple deployment, scalable, but lacking third-party solution compatibility ". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". IBM Resilient is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, ServiceNow Security Operations, Fortinet FortiSOAR and Microsoft Sentinel, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Symantec Endpoint Security. See our IBM Resilient vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
