Idira Endpoint Privilege Manager vs VMware Carbon Black App Control comparison

Idira and Broadcom are both solutions in the Application Control category. Idira is ranked #5 with an average rating of 8.7, while Broadcom is ranked #7. Idira holds a 9.0% mindshare in AC, compared to Broadcom’s 10.3% mindshare. Additionally, 86% of Idira users are willing to recommend the solution, compared to 100% of Broadcom users who would recommend it.

Idira Endpoint Privilege Ma...

Read 38 Idira Endpoint Privilege Manager reviews

5,857 Views
410 Comparison Views

86% willing to recommend

VMware Carbon Black App Con...

Read 8 VMware Carbon Black App Control reviews

1,104 Views
1,027 Comparison Views

100% willing to recommend

Idira Endpoint Privilege Ma...

VMware Carbon Black App Con...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 2, 2026

Idira Endpoint Privilege Manager and VMware Carbon Black App Control compete in the endpoint security and application control category. While both offer strong features, Idira has an edge in scalability and integration capabilities, and VMware is favored for its effective application whitelisting.

Features: Idira Endpoint Privilege Manager provides granular control over privileges, effective auditing, and reporting, benefiting organizations that need to manage endpoint access tightly. It is scalable and integrates well without interfering with productivity. VMware Carbon Black App Control is praised for its strong application control and ensures only approved applications run, offering excellent visibility and reporting in security.

Room for Improvement: Idira users report challenges with performance, complex setups, and automation in onboarding. The need for stronger support and more intuitive policy configurations is noted. VMware Carbon Black App Control users suggest improvements in support for Mac OS, reduction of false positives, and better support for non-standard operating systems, with a need for improved integration.

Ease of Deployment and Customer Service: Idira's deployment is flexible, offering hybrid cloud options, but faces mixed reviews regarding slow support, albeit competent. Users appreciate the e-learning resources offered. VMware Carbon Black App Control primarily focuses on on-premises and private cloud deployment with difficulties noted in obtaining timely support, highlighting a need for better response times.

Pricing and ROI: Idira is noted for being costly, especially for small businesses, but valued for security enhancements. Its pricing is based on users and sessions. VMware Carbon Black App Control is seen as competitively priced, offering cost-effectiveness in application control and endpoint security. Both solutions offer positive ROI, with Idira noted for reducing IT support needs, while VMware focuses on application control benefits.

To learn more, read our detailed Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control Report (Updated: April 2026).

Buyer's Guide

Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control

April 2026

Download the complete report

Helped 896,692 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Idira Endpoint Privilege Ma...

Ranking in Application Control

5th

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Compliance (5th), Privileged Access Management (PAM) (5th), Anti-Malware Tools (11th), Ransomware Protection (6th)

VMware Carbon Black App Con...

Ranking in Application Control

7th

Average Rating

9.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of June 2026, in the Application Control category, the mindshare of Idira Endpoint Privilege Manager is 9.0%, up from 3.5% compared to the previous year. The mindshare of VMware Carbon Black App Control is 10.3%, down from 22.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Control Mindshare Distribution
Product	Mindshare (%)
CyberArk Endpoint Privilege Manager	9.0%
VMware Carbon Black App Control	10.3%
Other	80.7%

Application Control

Featured Reviews

Diego Rivera

Commercial and Technical Professional Manager at Evolution Technologies Group

Strengthening financial services infrastructure by safeguarding and integrating with ecosystems

We use CyberArk Endpoint Privilege Manager to complement a privilege access management solution in order to avoid golden ticket attacks and strengthen services against attacks. It serves as a complement to our asset management solution. The architecture of CyberArk Endpoint Privilege Manager is beneficial for integrating with all customer ecosystems; it's easy to deploy, and achieving that level of integration and control is more challenging with other solutions. The ability of CyberArk Endpoint Privilege Manager to safeguard our financial services infrastructure is very important, as we need to record actions on privileges in our information systems. Regarding the granularity of the managed controls in CyberArk Endpoint Privilege Manager, we have different levels of features to define compensations and capabilities, which help us verify configurations and access, ultimately keeping the safety of rights intact. Our initial challenge with CyberArk Endpoint Privilege Manager is to comply with Colombian regulations in the financial sector, particularly identifying users and managing password changes and rotations. We needed to certify the identities and provide necessary information for government investigations, if required. CyberArk Endpoint Privilege Manager is very important for helping our organization meet compliance and regulatory requirements. We have to comply with international regulations such as SOC, but also with local regulations unique to the financial sector, which is crucial for us due to the high risks involved. CyberArk Endpoint Privilege Manager helped us reduce the time for regulatory processes to approximately two to four months, completing the solution and training. CyberArk Endpoint Privilege Manager has helped us reduce the mean time to detect within our organization. That's our main goal. Regarding MTTD, the solution provides enough information to enhance our overall detection process. We have an 85% improvement in MTTD. CyberArk Endpoint Privilege Manager helps ensure data privacy through strategies that manage information in real-time. CyberArk Endpoint Privilege Manager helps save costs by avoiding risks and future expenses associated with security incidents. It's essential to communicate the value of CyberArk Endpoint Privilege Manager to users, as its controls help improve system security. My role at the company involves service and sales activities.

Read full review

Abdelattim Abdelattim

Security Administrator at EJADA

We can isolate problem machines and limit their access

We use App Control to scan the network for virtual machines that have unauthorized applications. We can isolate the problem VMs and control application access. More than two years. I rate Carbon Black App Control 10 out of 10 for stability. I rate App Control six out of 10 for scalability.…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The stability of CyberArk Endpoint Privilege Manager is excellent, with an uptime of 99.99 percent."

"The most valuable feature of the solution is its performance."

"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."

"This is the number one product for privilege account security."

"The solution is pretty mature and can accommodate our use cases quite well."

"The biggest benefit of CyberArk EPM for our customers is control over privileged access for endpoints. Endpoints are often the starting point for attackers to enter and move within a network. CyberArk EPM bridges the gap between security and operations teams. Operations teams are happy because work isn't stopped due to admin rights issues, while security teams are satisfied that full admin rights aren't given to all users."

"The tool is an endpoint management system. It monitors everything a standard user does and helps elevate privileges when necessary for advanced users. It keeps an auditable trail of all activities. Practically, it stops and blocks potentially hazardous user behavior, whether intentional or unintentional. Certain companies must use endpoint management software because of national or international rules or ISO norms."

"There are many valuable aspects of the product, but the most common feature is working with the privileges. The controls of CyberArk Endpoint Privilege Manager influence the visibility into endpoints for my customers. It allows them to granularly manage controls to prevent some malicious activities on the endpoint machine."

More Idira Endpoint Privilege Manager pros

"It offers a sense of security where anything that comes in, regardless of what it is, unless you approve it manually, it's not going to run."

"Carbon Black offers a total lockdown solution; it shows us the attacks that are being attempted against our infrastructure and how we are being protected."

"The effectiveness of application whitelisting is very good."

"The visibility, reporting, and the ability to stop or prevent malicious or undesired applications from being installed are the most valuable features."

"All the functions within VMware Carbon Black App Control are valuable."

"I use the console to check for threats and I find it to be very user-friendly."

"If any malicious activity, like VAT viruses, anything RNE, ZOD malware, or something similar, comes in we know that unless we approve it, it's going to be blocked."

"All the functions within VMware Carbon Black App Control are valuable."

More VMware Carbon Black App Control pros

Cons

"CyberArk meets clients' need very spot-on. It covers everything customers ask for. As for improvements, honestly, the feedback's been really positive. I haven't heard any specific areas that need work."

"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."

"Compared to other tools like Linux, this solution isn't as user-friendly."

"CyberArk Endpoint Privilege Manager could be improved by simplifying the administration process, specifically when setting up policies and applications."

"Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources."

"The CyberArk team is working on a feature to identify devices without the Endpoint Privilege Manager running, which is currently missing."

"CyberArk should consider whitelisting important applications like PowerShell and DLL that are currently not allowed due to some malicious content."

"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution."

More Idira Endpoint Privilege Manager cons

"Another issue is that even sometimes if you approve, for example, Adobe as a publisher, you say any product or anything that's from Adobe has to run. It generally runs, but especially in a large environment and with a lot of users, sometimes, due to some certification validation issues or some other issue, it might stop the process from running. Genuine processes like Adobe and Chrome can get blocked. so that needs to be improved."

"The reporting is not good and needs to be improved."

"Its setup is very complex, and it requires guidance from the support team, but it is well worth the effort."

"The initial setup is somewhat complex."

"Carbon Black does not use the database for identifying the file, the fields, or malware."

"I rate App Control six out of 10 for scalability."

"The initial setup is somewhat complex."

More VMware Carbon Black App Control cons

Pricing and Cost Advice

"The tool's pricing is reasonable for customers."

"The cost for CyberArk is very high."

"CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive."

"I think that it was in the range of $200,000 that had to get approved."

"CyberArk Endpoint Privilege Manager has a very high price, so it's a one out of ten for me in terms of pricing."

"Although I do not deal directly with the pricing, CyberArk Endpoint Privilege Manager is costly compared to other solutions. However, it offers beneficial features."

"We pay about $17 per user."

"It's not at the lower end of the market. I think the price is reasonable considering the quality it delivers. It is a top-notch solution at a fair price point."

More Idira Endpoint Privilege Manager pricing and cost advice

"We pay a fee for support, which is renewed annually."

"Its price is reasonable and what is expected for these types of products."

"The pricing for this product is competitive and our customers who told us that often, Carbon Back is the cheaper solution."

See which vendors are best for you

Use our free recommendation engine to learn which Application Control solutions are best for your needs.

See recommendations

896,692 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

14%

Manufacturing Company

11%

Computer Software Company

Government

Financial Services Firm

23%

Computer Software Company

Government

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	18
Midsize Enterprise	9
Large Enterprise	19

By reviewers
Company Size	Count
Small Business	4
Large Enterprise	4

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?

I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...

See all answers

What needs improvement with CyberArk Endpoint Privilege Manager?

While CyberArk Endpoint Privilege Manager is a great tool, I believe the functionality could be wider. If it could work not only with permissions but also involve pure EDR tasks or User and Entity ...

See all answers

Ask a question

Earn 20 points

Comparisons

BeyondTrust Endpoint Privilege Management vs Idira Endpoint Privilege Manager

Compared 7% of the time

Idira Privileged Access Manager vs Idira Endpoint Privilege Manager

Compared 6% of the time

Microsoft Defender for Endpoint vs Idira Endpoint Privilege Manager

Compared 5% of the time

Ivanti Endpoint Security for Endpoint Manager vs Idira Endpoint Privilege Manager

Compared 5% of the time

CrowdStrike Falcon vs Idira Endpoint Privilege Manager

Compared 4% of the time

More Idira Endpoint Privilege Manager Competitors

Airlock Digital Application Control vs VMware Carbon Black App Control

Compared 26% of the time

Ivanti Application Control vs VMware Carbon Black App Control

Compared 13% of the time

McAfee Application Control vs VMware Carbon Black App Control

Compared 12% of the time

ThreatLocker Zero Trust Platform vs VMware Carbon Black App Control

Compared 12% of the time

More VMware Carbon Black App Control Competitors

Product Reports

Buyer's Guide

Idira Endpoint Privilege Manager

May 2026

Download Idira Endpoint Privilege Manager product report

Buyer's Guide

VMware Carbon Black App Control

May 2026

Download VMware Carbon Black App Control product report

Also Known As

Viewfinity

CB Protection, Carbon Black CB Protection

Overview

CyberArk Endpoint Privilege Manager enhances security by controlling access, removing admin rights, and managing privileges. It supports diverse environments with simple integration, focusing on credential detection, threat protection, and compliance.

CyberArk Endpoint Privilege Manager secures enterprise passwords, monitors session connections, and enhances cybersecurity by controlling privileged access. It blocks unauthorized applications, monitors user activities, and secures credentials across platforms. Key areas include Just-In-Time Access, privilege separation, and local administrator password rotation. While robust, challenges exist with performance, complexity, and setup. Integration with Linux and Unix needs improvement, requiring advanced reporting tools and easier policy management. Pricing concerns and maintenance issues with Windows servers persist, as well as database issues in the on-prem version.

What are the key features of CyberArk Endpoint Privilege Manager?

Admin Rights Removal: Eliminates unnecessary permissions to enhance security.
Privilege Management: Offers detailed control over user access rights.
Password Rotation: Automatically updates passwords to protect sensitive data.
Threat Protection: Blocks malicious applications and threats proactively.
Audit Capabilities: Provides comprehensive security and compliance tracking.
Application Control: Confines access to authorized applications only.
Automatic Updates: Ensures security protocols and software remain current.

What benefits should organizations expect from CyberArk Endpoint Privilege Manager?

Enhanced Security: Reduces risks by controlling credential and application access.
Compliance Assurance: Meets industry standards through thorough tracking and reporting.
Scalable Integration: Adapts to different environments smoothly.
Reduced Management Efforts: Automates credential and policy management.

Organizations deploying CyberArk Endpoint Privilege Manager in industries such as finance, healthcare, and technology benefit from secure credential management across Unix, AWS, and GCP. By implementing privilege separation and monitoring user activities, they achieve effective risk mitigation and compliance across multiple platforms.

Idira

VMware Carbon Black App Control offers sophisticated application whitelisting, endpoint protection, and security for end-of-life systems through a user-friendly console that supports threat detection and incident response.

Designed for effective application control, VMware Carbon Black App Control strengthens security by preventing unauthorized installations and controlling application execution. It enhances visibility and reporting for comprehensive threat analysis. However, users report frequent false positives, especially with system processes and occasionally with approved software. Integration with Mac OS and reporting features need improvement, and the setup process can be complex without assistance. It utilizes user behavior for identifying files or malware, which some find cumbersome.

What are the key features of VMware Carbon Black App Control?

Application Whitelisting: Prevents unauthorized applications from running.
Granular Analysis: Offers in-depth threat analysis for effective security management.
Endpoint Protection: Secures endpoints against unauthorized changes.
Open API Integration: Facilitates seamless integration with security systems.
Detailed Reporting: Provides comprehensive visibility into potential threats.

What benefits and ROI should users expect?

Enhanced Security: Strengthens protection against unauthorized installations and threats.
Improved Visibility: Offers detailed insights for better threat management.
Efficient Incident Response: Supports quick and effective responses to incidents.
Simplified Management: User-friendly interface aids in managing applications effectively.

Deployed across industries such as finance, healthcare, and government, VMware Carbon Black App Control is used for securing both virtual and physical servers. It acts as a host-based intrusion detection system, and is ideal for lockdown protection, threat analysis, and controlling application access to protect against attacks. Organizations use it to scan for unauthorized virtual machines, enforcing stricter security protocols.

Broadcom

Sample Customers

Information Not Available

Kaas Tailored, Core-Mark, Indeed, Hologic, Landmark Credit Union, Project Worldwide

Buyer's Guide

Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control

April 2026

Free Report: Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control

Find out what your peers are saying about Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control and other solutions. Updated: April 2026.

DOWNLOAD NOW

896,692 professionals have used our research since 2012.

See our Idira Endpoint Privilege Manager vs. VMware Carbon Black App Control report.

See our list of best Application Control vendors.

We monitor all Application Control reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.