


VMware Carbon Black Endpoint and Red Canary are comprehensive cybersecurity solutions competing in endpoint security. Red Canary seems to have the upper hand due to its robust features and superior customer support according to user reviews.
Features: VMware Carbon Black Endpoint offers real-time threat detection, automated response capabilities, and integration with various IT environments. Red Canary provides advanced threat detection algorithms, 24/7 monitoring, and actionable insights. Users value Red Canary's detailed threat reporting and quick incident response.
Room for Improvement: VMware Carbon Black Endpoint needs to improve its scalability, reduce resource consumption on endpoints, and address system performance during scans. Red Canary could benefit from managing alert volume, fine-tuning for optimal performance, and reducing alert overwhelm for users.
Ease of Deployment and Customer Service: VMware Carbon Black Endpoint is straightforward to deploy but may require specialized knowledge for advanced configurations. Customer service is positively rated but could have faster response times. Red Canary is praised for its seamless deployment process and exceptional, responsive, and knowledgeable customer support.
Pricing and ROI: VMware Carbon Black Endpoint is cost-effective, especially for larger enterprises with complex security needs, providing satisfactory ROI. Red Canary, although perceived as pricier, delivers high value with its comprehensive features and responsive support, leading to strong ROI.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
In Cortex XDR by Palo Alto Networks, most of the remediation is automated and the accuracy is quite good.
Any missed detection will definitely be triggered by Red Canary.
We have probably spent maybe 15% of the time that we were spending on incident investigation and system monitoring, demonstrating a return on investment.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
In emergencies, there is an on-call person available to resolve issues immediately.
Their customer support is excellent.
If I need more details about any incident, there is a contact us option to reach an agent.
Regarding the technical support of Broadcom, they are responsive and helpful.
You can onboard 10,000 endpoints in just hours, which demonstrates the excellent scalability of this product.
Activating the newly purchased licenses is instantaneous, allowing installations without adjustments since it's cloud-based.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
We've been able to connect and throw all of the data that we have access to over to their systems to parse, process, and monitor without issue.
The solution's scalability has had a medium impact on the IT environment.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR by Palo Alto Networks can be trusted completely.
VMware Carbon Black Endpoint is slow for the stability rating.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Red Canary can be improved by continuing to add new features and capabilities.
I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representation to easily identify what happened.
Red Canary's pricing spectrum may not be ideal for smaller financial institutions.
I think VMware Carbon Black Endpoint should improve in every area, because currently the NetGen AV, even from Microsoft and even from CrowdStrike, is better than VMware Carbon Black Endpoint.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Compared to CrowdStrike, which is very costly, and SentinelOne, which is also very costly, Cortex XDR by Palo Alto Networks is a medium cost-efficient solution.
The services are higher priced.
My rating for the pricing of VMware Carbon Black Endpoint is that it is not cheap, but it is also not as inexpensive as I would prefer.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
Red Canary has impacted my organization positively because we treat any ticket triggered by them as high priority due to the fact that 99 percent of the time it is a true positive.
Red Canary detects threats and attack patterns, allowing us to assess any significant damage caused to the banking environment, particularly if protected data has been damaged or corrupted.
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues.
I assess VMware Carbon Black Endpoint's machine learning capabilities in detecting unknown threats as fantastic.
VMware Carbon Black Endpoint does facilitate endpoint protection and incident response, and it is an EDR.
| Product | Mindshare (%) |
|---|---|
| Cortex XDR by Palo Alto Networks | 3.6% |
| VMware Carbon Black Endpoint | 1.8% |
| Red Canary | 0.7% |
| Other | 93.9% |

| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 21 |
| Large Enterprise | 53 |
| Company Size | Count |
|---|---|
| Small Business | 6 |
| Large Enterprise | 2 |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 9 |
| Large Enterprise | 33 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
Red Canary Managed Detection and Response (MDR) offers robust threat detection, rapid response capabilities, continuous security monitoring, and seamless integration with existing tools. Valued for its actionable reporting and proactive threat intelligence, it streamlines operations and enhances organizational efficiency and security.
VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.
VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.
What are the key features of VMware Carbon Black Endpoint?
What benefits should users look for when evaluating VMware Carbon Black Endpoint?
VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.