Try our new research platform with insights from 80,000+ expert users

Secureworks Red Cloak Threat Detection and Response [EOL] vs VMware Carbon Black Endpoint comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Secureworks Red Cloak Threa...
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
No ranking in other categories
VMware Carbon Black Endpoint
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
63
Ranking in other categories
Endpoint Protection Platform (EPP) (27th), Security Incident Response (2nd), Endpoint Detection and Response (EDR) (20th), Ransomware Protection (6th)
 

Featured Reviews

reviewer1646754 - PeerSpot reviewer
Simple deployment with good reports and dashboard
In terms of what could be improved, there are a lot of things identified and there is a lot of continuous improvement. A lot of the things are of a short time frame and a lot are way out. There was a tuning process but nothing specifically to call out. As for what could be included in the next release, we are working on the basic feature set. There are probably some things that, as we move through it, we'll come across that are deficient but right now we are not that far along to know. I don't want to say that they could not do certain advancement. For example, there are some automated network response portions that we want to turn up, but we're not ready for that. I don't even know what the capabilities are there, but that's something that, probably in the next 24 months, we will move forward on.
Nikunj Kamboj - PeerSpot reviewer
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"The tool is pretty stable."
"The product allows us to focus on endpoint and antivirus protection."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"I like the historical features, interface, and integration."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
 

Cons

"There are some automated network response portions that we want to turn up."
"Adding an application and a device control feature would be a great help for this solution."
"This solution works well but needs lots of tuning and optimization."
"Needs improvement in the area of infrastructure for on-premise installation.​"
"The initial setup is complex."
"There is room for improvement in the support and service team."
"The solution needs expanded endpoint query tools."
"Report generation can be improved."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
 

Pricing and Cost Advice

Information not available
"The product is expensive. There are some additional costs apart from the standard licensing charges attached to the solution."
"We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100."
"The price for the solution is completely at government level, meaning one which is very high."
"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
"Carbon Black provides competitive pricing."
"The solution has almost the same price as other different kinds of infrastructures, but it offers a lot of different features."
"CB Defense is available on a yearly subscription and is priced by the number of endpoints."
"The product’s price is less expensive than other vendors."
report
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
860,711 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Legal Firm
10%
Computer Software Company
10%
Manufacturing Company
10%
Financial Services Firm
10%
Computer Software Company
14%
Financial Services Firm
12%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Ask a question
Earn 20 points
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.
 

Also Known As

Red Cloak Threat Detection and Response, Red Cloak TDR
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

Ricoh
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about ServiceNow, VMware, IBM and others in Security Incident Response. Updated: June 2025.
860,711 professionals have used our research since 2012.