Proofpoint Threat Response vs VMware Carbon Black Endpoint comparison

Proofpoint Threat Response vs. VMware Carbon Black Endpoint

Download the complete report

Helped 849,963 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Proofpoint Threat Response

Ranking in Security Incident Response

4th

Average Rating

8.0

Reviews Sentiment

7.7

Number of Reviews

Ranking in other categories

No ranking in other categories

VMware Carbon Black Endpoint

Ranking in Security Incident Response

1st

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (21st), Endpoint Detection and Response (EDR) (15th), Ransomware Protection (5th)

Mindshare comparison

As of May 2025, in the Security Incident Response category, the mindshare of Proofpoint Threat Response is 17.6%, up from 7.8% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 7.9%, down from 18.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Incident Response

Featured Reviews

Giuseppe Sgroi

Senior Project Manager at CAP Holding S.p.A.

Blocks potential spam emails efficiently and integrates well with our security framework

We use the product to verify and manage emails sent and received through our Microsoft Exchange server, focusing on blocking potential spam emails The platform's most valuable include the ability to check emails and block potential spam. The platform's technical support services and pricing need…

Read full review

Nikunj Kamboj

Cybersecurity Analyst at OnX Canada

Integrates well with our existing SIEM tool and helps in identifying suspicious activities

The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The platform's most valuable include the ability to check emails and block potential spam."

"Support is very responsive."

"If something's pulled and then it's later declared a false positive, it will automatically restore. They also take automatic feeds from their advanced threat detection modules."

"It has reduced our manual efforts to remove emails from each user's inbox, and in this case we do not have to ask our IT department or users to do so."

"The best part of Proofpoint Threat Response is the Auto-Pull feature. Being able to pull an email back from a user's mailbox is very useful, yet I have noticed that not a lot of organizations use this kind of feature."

"The EDR and reports were helpful in improving our organization."

"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."

"We can access computers remotely if we need to."

"The product's most valuable feature is its ability to be fully integrated with the VMware environment."

"The product enables device controls, helping us protect the devices and prevent data leakages."

"The threat analysis functionality is good."

"It gives you all of the information in a short and sweet fashion."

"It actually does some heuristics, and some behavioral analysis."

More VMware Carbon Black Endpoint pros

Cons

"The interface within Threat Response could be made simpler."

"If the reporting gets improved then it would be better, but the product is running amazing as it is."

"Has some quirks."

"The on-premise version doesn't scale well for large companies."

"The platform's technical support services and pricing need improvement."

"This solution works well but needs lots of tuning and optimization."

"The GUI and reporting should be addressed and the product's administration features need fine tuning."

"Needs improvement in the area of infrastructure for on-premise installation."

"It would be nice to have additional forensic tools that you can build into the back end."

"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."

"Report generation can be improved."

"I haven't run into anything that needs improvement. The website interface can be a little bit better, but it's still good as compared to most others."

"The product's stability could be improved."

More VMware Carbon Black Endpoint cons

Pricing and Cost Advice

"The way most big companies work with Proofpoint is that they try to tie everything into an enterprise license. I can't comment on the actual costs, however I do know that alternative solutions such as Abnormal Security can be much more expensive than Proofpoint Threat Response."

"It's quite affordable to have it with this much functionality and ease to administrate."

"The licensing cost is on the more expensive side, but I thought it was worth it because they did a good job. It was one of the vendors I truly didn't have to worry about too much until this latest upgrade."

"Overall, it was cost-effective too."

"The price for the solution is completely at government level, meaning one which is very high."

"In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive."

"I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."

"It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."

"The product is expensive. There are some additional costs apart from the standard licensing charges attached to the solution."

"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."

More VMware Carbon Black Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.

See recommendations

849,963 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Healthcare Company

16%

Energy/Utilities Company

13%

Computer Software Company

10%

Computer Software Company

15%

Financial Services Firm

11%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Proofpoint Threat Response?

I have a vague idea because I don't know what others are charging. But we felt that putting up with the pains and having to spend more time keeping it running than we expected is still better than ...

What needs improvement with Proofpoint Threat Response?

The platform's technical support services and pricing need improvement.

What is your primary use case for Proofpoint Threat Response?

We use the product to verify and manage emails sent and received through our Microsoft Exchange server, focusing on blocking potential spam emails.

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

Splunk Attack Analyzer vs Proofpoint Threat Response

Comparisons

Compared 41% of the time

Palo Alto Networks Cortex XSOAR vs Proofpoint Threat Response

Compared 23% of the time

Cofense Triage vs Proofpoint Threat Response

Compared 20% of the time

ServiceNow Security Operations vs Proofpoint Threat Response

Compared 16% of the time

More Proofpoint Threat Response Competitors

CrowdStrike Falcon vs VMware Carbon Black Endpoint

Compared 15% of the time

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 13% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 9% of the time

Trellix Endpoint Security vs VMware Carbon Black Endpoint

Compared 9% of the time

Trend Micro Deep Security vs VMware Carbon Black Endpoint

Compared 8% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Proofpoint Threat Response

Download Proofpoint Threat Response product report

VMware Carbon Black Endpoint

Download VMware Carbon Black Endpoint product report

Also Known As

No data available

Carbon Black CB Defense, Bit9, Confer

Overview

No defense can stop every attack. When something does get through, Proofpoint Threat Response takes the manual labor and guesswork out of incident response to help you resolve threats faster and more efficiently. Get an actionable view of threats, enrich alerts, and automate forensic collection and comparison. For verified threats, quarantine and contain users, hosts, and malicious email attachments - automatically or at the push of a button.

Proofpoint

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?

Intelligent learning: Improves detection capabilities over time.
Whitelisting: Allows only approved applications to run.
Integration with other security tools: Enhances overall security posture.
Centralized cloud control: Manages endpoints from a single interface.
Command shell access: Offers deeper investigation capabilities.
Dynamic grouping: Facilitates organized endpoint management.
Simplified policy management: Streamlines security policy implementation.
API for system remoting: Allows remote system access and management.
Twenty-four-seven support: Provides continuous assistance and response.

What are the benefits of VMware Carbon Black Endpoint?

Real-time monitoring: Offers constant vigilance against threats.
Threat hunting: Identifies and mitigates threats proactively.
Historical data analysis: Assists in understanding past incidents and patterns.
Improved endpoint protection: Enhances overall endpoint security.
Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

VMware

Sample Customers

University of Waterloo, Akorn, Fenwick and West LLP

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Proofpoint Threat Response vs. VMware Carbon Black Endpoint