No more typing reviews! Try our Samantha, our new voice AI agent.

SanerNow CyberHygiene Platform vs VMware Carbon Black Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
SanerNow CyberHygiene Platform
Ranking in Endpoint Detection and Response (EDR)
42nd
Average Rating
9.6
Reviews Sentiment
7.6
Number of Reviews
2
Ranking in other categories
Vulnerability Management (49th), Patch Management (17th), Risk-Based Vulnerability Management (19th)
VMware Carbon Black Endpoint
Ranking in Endpoint Detection and Response (EDR)
31st
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
65
Ranking in other categories
Endpoint Protection Platform (EPP) (31st), Security Incident Response (6th), Ransomware Protection (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of SanerNow CyberHygiene Platform is 0.7%, up from 0.1% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.8%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
VMware Carbon Black Endpoint1.8%
SanerNow CyberHygiene Platform0.7%
Other93.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JU
Information Technology Supervisor at DMCI Homes, Inc.
Can automate updates and manage software licenses more effectively
Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools. Before, we struggled with setting policies and making changes to workstations. Now, we can automate updates and manage software licenses more effectively. We monitor who's using various licenses like Office, CAD, Visio, and Lumion.
PM
CTO at Microsoft
Improved incident investigation has supported response while core protection still needs progress
VMware Carbon Black Endpoint does not have easy integration, as there are many complexities with the Ribitava API, which is very deep. I rate this solution overall as a five or six on a scale from one to ten. I have integrated VMware Carbon Black Endpoint with other tools that are helpful. I think this solution should be targeted at small clients, because adoption will grow more with small businesses tomorrow.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Technical support is the best in class, in my opinion, because they have invested heavily in research and development."
"There are a lot of lead solutions in this space, however, Palo Alto is number one."
"It is easy to use."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"The policy configuration is great, the granularity of policies that are available is very helpful, it is straightforward to set up, and it has pretty much everything we need and works well within the Palo Alto ecosystem."
"Stability is one of the features we like the most."
"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier."
"Although it is, in fact, a complete vulnerability management solution, the most valuable feature is the patch management functionality. Most of our customers give preference to this tool over other tools when it comes to patch management."
"Our team uses the SanerNow CyberHygiene Platform for threat detection, focusing on features like vulnerabilities and asset exposure. The asset exposure feature is packaged with software licenses and machines. We get the latest updates and patches for Windows workstations and applications for remediation. We can automate these updates, which greatly improves our previous manual and scripting-based tools."
"The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"The most valuable feature is that it detects and stops malicious executables."
"The product itself works quite well, it's pretty intuitive, but there is so much more data and capabilities at your fingertips."
"It is more expensive, but it's worth it."
"Behavioral Monitoring stops known malicious events before they even begin."
"It is stable and easy to set up."
"Carbon Black Cb Defense has a nice component called Alert Triage; it has helped to detect threats across the data and contains full details of the process execution kill chain and go live for immediate remediation."
 

Cons

"One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well."
"I have faced some issues with Cortex XDR by Palo Alto Networks; there is room for improvement in the sense that certain options prevent us from seeing and segregating data."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"Product might have some bugs."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"The downside to the solution is that there are a large number of false positives."
"I have run into some detection issues with Cortex XDR. It needs to be better at detection of internal attacks."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"SanerNow has good integration with the more well known ITSM tools, but at the same time there are many other ITSM (IT Service Management) tools available in the market, including local tools here in India, and I'm not sure how SanerNow plans to integrate with them all out of the box."
"SanerNow CyberHygiene Platform needs to incorporate more documentation."
"The EDR portion could be better. I'm not a big fan, but it works."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
"The product's stability could be improved."
"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."
"The solution would be more effective if there was a way to block automatically based on behavior."
"But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."
"Its compatibility can be improved. It did crash a server during deployment, which is not something that I want to happen. Its deployment should also be easier. The whole deployment cycle needs to be simplified. It is an enterprise solution, and to set it up right now, you have to be an expert."
"Adding an application and a device control feature would be a great help for this solution."
 

Pricing and Cost Advice

"It has a yearly renewal."
"I don't like that they have different types of licenses."
"The price of the product is not very economical."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"Its pricing is kind of in line with its competitors and everybody else out there."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"It is "expensive" and flexible."
"I feel it is fairly priced."
"As with several other solutions such as Microsoft MECM and SCCM, the licensing for SanerNow involves per-device pricing for each kind of product or service on offer."
"The pricing is reasonable - we paid about 2.5 million for 3,500 nodes."
"Price-wise, VMware Carbon Black Endpoint is a highly-priced solution. Regarding the licensing cost of the solution, one needs to opt for an annual subscription."
"The solution has almost the same price as other different kinds of infrastructures, but it offers a lot of different features."
"It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."
"The license is annual. It's a standard license."
"Its pricing was very good, which is one of the reasons I went to it as an alternative. It is on a yearly basis. There are no additional fees."
"The pricing is very high."
"Carbon Black provides competitive pricing."
"Overall, it was cost-effective too."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
14%
Construction Company
8%
Retailer
8%
Financial Services Firm
8%
Financial Services Firm
10%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business31
Midsize Enterprise9
Large Enterprise33
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for SanerNow?
The pricing is reasonable - we paid about 2.5 million for 3,500 nodes.
What needs improvement with SanerNow?
SanerNow CyberHygiene Platform needs to incorporate more documentation.
What is your primary use case for SanerNow?
We use the tool for patch, application, and vulnerability management.
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) s...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoin...
What is your experience regarding pricing and costs for Carbon Black CB Defense?
My rating for the pricing of VMware Carbon Black Endpoint is that it is not cheap, but it is also not as inexpensive ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
SecPod SanerNow, SanerNow RP
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Siemens, Aruba, SironLabs, POS Aviation, Kotak, Kaizen Automotive, Amagi, McNeilus Steel, Claremont, Glassbeam, Marlabs, Amazon Web Services
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about SanerNow CyberHygiene Platform vs. VMware Carbon Black Endpoint and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.