Rapid7 InsightConnect vs VMware Carbon Black Cloud comparison

Security Orchestration Automation and Response (SOAR)

Download the complete report

Helped 850,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Rapid7 InsightConnect

Average Rating

8.0

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (21st)

VMware Carbon Black Cloud

Average Rating

8.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Security Incident Response (6th), Endpoint Detection and Response (EDR) (43rd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Rapid7 InsightConnect is designed for Security Orchestration Automation and Response (SOAR) and holds a mindshare of 0.8%, up 0.5% compared to last year.
VMware Carbon Black Cloud, on the other hand, focuses on Security Incident Response, holds 7.1% mindshare, down 8.8% since last year.

Security Orchestration Automation and Response (SOAR)

Security Incident Response

Featured Reviews

Chamindu Pramodya

Network and Security engineer at a university with 1,001-5,000 employees

Enables us to design workflows and integrate various processes

I design workflows and integrate various processes using Rapid7 InsightConnect. This includes integrating with value management and packaging and incorporating InsightVMware performance through Rapid7 InsightConnect The product is user-friendly. Customers are familiar with its usage. The…

Read full review

Tom Kar

Senior Security Specialist at Sopra

Shows promise for endpoint detection and response, with room for improvement in complexity and pricing

VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"InsightIDR's Attacker Behavioral Analytics (ABA) and User and Entity Behavior Analytics (UEBA) features have been very useful in maintaining our security posture."

"The tool is stable. The initial setup is straightforward. The product is user-friendly."

"The fact that it's a security orchestration, automated response solution with a vast level of insights and the ability to integrate with a number of other security tools."

"Based on my user experience, I would recommend InsightConnect for its user-friendly interface and excellent documentation."

"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."

"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."

"Carbon Black insures the probability that any ransomware will be stopped before spreading."

"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."

"They're highly stable in comparison with other solutions I have."

"The most valuable feature is its ability to seek out abnormal activity and to create alerts."

"The most valuable features are the threat-hunting and the batch console."

"We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."

More VMware Carbon Black Cloud pros

Cons

"The GUI needs improvement, as creating workflows can be cumbersome. More updated plugins are needed to leverage existing functionalities, such as APIs for functions like blocking malicious IPs in FortiGate."

"The GUI needs improvement, as creating workflows can be cumbersome."

"The technical support should be improved."

"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."

"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"

"One area for improvement is the maturity of its vulnerability features."

"The product detects too many false positives initially and it could integrate better with other security solutions."

"It's not highly available, so you have to have a core server. If the primary server goes down, you need a new one. It's not available at the same time, however. It's not automatically swapped from one server to another."

"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."

"The solution's support could be improved."

"Additionally, it is complex to use, and the pricing should be improved."

More VMware Carbon Black Cloud cons

Pricing and Cost Advice

Information not available

"VMware Carbon Black Cloud is an expensive solution."

"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."

"Pricing for this solution could be made lower."

"You need to pay for the licensing of the product. The pricing is costly."

"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."

"The solution is very inexpensive so there is great cost savings to using it."

See which vendors are best for you

Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.

See recommendations

850,760 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

10%

Manufacturing Company

University

Computer Software Company

18%

Real Estate/Law Firm

11%

Financial Services Firm

11%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Rapid7 InsightConnect?

Compared to other SOAR solutions, the pricing is reasonable as Rapid7 provides it as a bundle called InsightIDR Ultimate, with unlimited workflows.

What needs improvement with Rapid7 InsightConnect?

The GUI needs improvement, as creating workflows can be cumbersome. More updated plugins are needed to leverage existing functionalities, such as APIs for functions like blocking malicious IPs in F...

What is your primary use case for Rapid7 InsightConnect?

We are using Rapid7 InsightConnect in a partner model, operating as a service provider. We buy licenses under World Data Direct and distribute them internally, acting as an MSSP.

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

What do you like most about Carbon Black CB Response?

Threat hunting is the most valuable feature of VMware Carbon Black Cloud.

Microsoft Sentinel vs Rapid7 InsightConnect

Comparisons

Compared 38% of the time

Palo Alto Networks Cortex XSOAR vs Rapid7 InsightConnect

Compared 35% of the time

Fortinet FortiSOAR vs Rapid7 InsightConnect

Compared 27% of the time

More Rapid7 InsightConnect Competitors

Splunk SOAR vs VMware Carbon Black Cloud

Compared 31% of the time

Rapid7 InsightIDR vs VMware Carbon Black Cloud

Compared 28% of the time

VMware Carbon Black Endpoint vs VMware Carbon Black Cloud

Compared 22% of the time

Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud

Compared 20% of the time

More VMware Carbon Black Cloud Competitors

Product Reports

Security Orchestration Automation and Response (SOAR)

Download Rapid7 InsightConnect product report

VMware Carbon Black Cloud

Download VMware Carbon Black Cloud product report

Also Known As

Rapid7 Insight Connect, Komand

Carbon Black CB Response

Overview

With InsightConnect, your team will get more done and respond to security events faster than ever before. And with significant time savings and productivity gains across overall security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time flat.

Rapid7

Fortify Endpoint and Workload Protection Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response. Recognize New Threats Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past. Simplify Your Security Stack Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

VMware

Sample Customers

Starr Companies, Landmark Health

ALLETE belk

Security Orchestration Automation and Response (SOAR)