No more typing reviews! Try our Samantha, our new voice AI agent.

Nyotron PARANOID vs VMware Carbon Black Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Nyotron PARANOID
Ranking in Endpoint Protection Platform (EPP)
58th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
VMware Carbon Black Endpoint
Ranking in Endpoint Protection Platform (EPP)
31st
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
65
Ranking in other categories
Security Incident Response (6th), Endpoint Detection and Response (EDR) (31st), Ransomware Protection (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Nyotron PARANOID is 0.5%, up from 0.1% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 2.0%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
VMware Carbon Black Endpoint2.0%
Nyotron PARANOID0.5%
Other93.7%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Abel Browarnik - PeerSpot reviewer
CEO at Expertos Browarnik
A cost-effective security solution for endpoint protection
The initial setup is complex. It is rare to see an effective endpoint protection system that does not require some effort. It is neither on the cloud nor on-premises. You deploy it on every endpoint or server, irrespective of perimeter. You must use a deployment tool unless you prefer to do it manually on every endpoint or server. We used an automation tool to deploy it. Since we had MSI with us. We had to verify that everything worked, but it didn't take more than two weeks for 1000 endpoints.
PM
CTO at Microsoft
Improved incident investigation has supported response while core protection still needs progress
VMware Carbon Black Endpoint does not have easy integration, as there are many complexities with the Ribitava API, which is very deep. I rate this solution overall as a five or six on a scale from one to ten. I have integrated VMware Carbon Black Endpoint with other tools that are helpful. I think this solution should be targeted at small clients, because adoption will grow more with small businesses tomorrow.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"First of all, it does the job. It prevents harm to the operating system. Also, the visibility it gives to the user and to the administrator is very good."
"This product really is the best solution for this security issue."
"Nyotron protects your users and does not acquire any threat intelligence."
"CB Defense is more powerful, and you can take more actions than others, and its security features and signatures are constantly updated, so it is more effective than other security solutions."
"Carbon Black has very good market strategies."
"The cost/benefit factor has great relevance in Cb Defense implementations."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"The initial setup was fairly easy."
"​Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks.​"
"The portal is easy to use and manage."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
 

Cons

"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response."
"The solution could improve by providing better integration with their own products and others."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"The solution should be available on Linux and other platforms, including mobile platforms such as Android and iOS."
"The main feature that is missing is to have the same solution on servers. Currently it's only protecting the client side, not the server. If they would add the server in the same solution, that would be great."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"This product should be cheaper."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"The licensing price is a bit expensive when compared with other solutions."
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
"Sometimes the solution blocks items that were previously approved and we don't know why."
 

Pricing and Cost Advice

"I don't have any issues with the pricing. We are satisfied with the price."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The tool's price is moderate."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"The cost depends on your chosen license type, like Pro or other licenses."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
Information not available
"The license is annual. It's a standard license."
"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
"VMware Carbon Black Endpoint is an expensive product."
"The pricing is annually based and operates through another department than mine."
"The product is expensive. There are some additional costs apart from the standard licensing charges attached to the solution."
"​The cost/benefit factor has great relevance in Cb Defense implementations​."
"This is a really expensive product and we pay licensing fees on a yearly basis."
"Its pricing was very good, which is one of the reasons I went to it as an alternative. It is on a yearly basis. There are no additional fees."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
No data available
Financial Services Firm
10%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business31
Midsize Enterprise9
Large Enterprise33
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Nyotron PARANOID?
There was an initial problem, we had to run the system in detection mode rather than prevention mode. The solution sh...
What is your primary use case for Nyotron PARANOID?
We use Nyotron PARANOID to protect endpoints. It serves as a second and last line of protection. It often detects thr...
What advice do you have for others considering Nyotron PARANOID?
They pushed updates frequently. Sometimes, an update breaks functionality, but it is easy to fix. It was an excellent...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) s...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoin...
What is your experience regarding pricing and costs for Carbon Black CB Defense?
My rating for the pricing of VMware Carbon Black Endpoint is that it is not cheap, but it is also not as inexpensive ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
El Al Airlines
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about Nyotron PARANOID vs. VMware Carbon Black Endpoint and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.