We performed a comparison between Microsoft Defender for Endpoint and VMware Carbon Black Cloud based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The most valuable feature is the analysis, because of the beta structure."
"The price is low and quite competitive with others."
"It is stable and scalable."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The fact that it's from Microsoft, you don't have many false positives, unlike products from other vendors might have."
"Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
"The comprehensiveness of Microsoft threat-protection products is great... Today, Microsoft Sentinel by itself is a leading Gartner SIEM tool. It has advantages over competitors because of the ability to integrate with Microsoft solutions and automate continuous monitoring of Microsoft AD and Office 365 data."
"Microsoft Defender for Endpoint is a robust platform."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"Defender is a part of Windows; you just need to enable it. There is no need to install anything."
"The performance of Microsoft Defender for Endpoint has been a valuable feature."
"Microsoft Defender for Endpoint is free and part of the licensing stack of other Microsoft products."
"Threat hunting is the most valuable feature of VMware Carbon Black Cloud."
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The most valuable feature is its ability to seek out abnormal activity and to create alerts."
"Integration and scalability are the most valuable."
"The most valuable features are its lightweight design, ensuring minimal impact on end-users, and its real-time protection."
"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"Cannot be used on mobile devices with a secure connection."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The only minor concern is occasional interference with desired programs."
"We'd like to see more one-to-one product presentations for the distribution channels."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The dashboard isn't easy to access and manage."
"Making the portal mobile friendly would be helpful when I am out of office."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
"We'd like the stability to be better."
"In active mode, it's great that it gives you so much information, but it does record every keystroke so you have a lot of logs... that amount of data logging started to add up in the cost."
"Other vendors provide a lot of customization when it comes to integration, which every big organization requires. No big organization depends on one particular tool. Defender lacks that at this point."
"There's scanning going on that occasionally topples the memory, causing everything to freeze. This should be fixed."
"The interface isn't necessarily intuitive to a nontechnical person. You can get stuck in the little endpoint security portal. Sometimes, if you uninstall a competitive product, the end user doesn't always know if it's running or if they're protected even though it's silently running. There could be a notification, widget, or something that's resident on the screen for at least a bit, especially if you're doing remote support. You want to talk them through it, but sometimes, we're not allowed to look at the PCs we support."
"This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running."
"Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses."
"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
"It's not simple."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"Additionally, it is complex to use, and the pricing should be improved."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while VMware Carbon Black Cloud is ranked 28th in Endpoint Detection and Response (EDR) with 18 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Cloud is rated 8.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of VMware Carbon Black Cloud writes " Shows promise for endpoint detection and response, with room for improvement in complexity and pricing ". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas VMware Carbon Black Cloud is most compared with VMware Carbon Black Endpoint, Fidelis Elevate, Palo Alto Networks Cortex XSOAR, Splunk SOAR and Rapid7 InsightIDR. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Cloud report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.