ServiceNow Security Operations vs VMware Carbon Black Cloud comparison

ServiceNow Security Operations vs. VMware Carbon Black Cloud

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ServiceNow Security Operations

Ranking in Security Incident Response

2nd

Average Rating

8.0

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (8th), Risk-Based Vulnerability Management (10th)

VMware Carbon Black Cloud

Ranking in Security Incident Response

6th

Average Rating

8.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (46th)

Mindshare comparison

As of May 2025, in the Security Incident Response category, the mindshare of ServiceNow Security Operations is 18.2%, up from 13.8% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 7.1%, down from 8.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Incident Response

Featured Reviews

KishoreKumar4

Senior QE Lead at Cognizant

A low-cost and open-source tool for incident and change management

If we encounter challenges while deploying, we raise incidents. These incidents are categorized by priority: high, medium, and low. We assign an incident number and notify the relevant teams to address the issue. For instance, if we experience a problem with Cloud services or any other issue, we…

Read full review

Tom Kar

Senior Security Specialist at Sopra

Shows promise for endpoint detection and response, with room for improvement in complexity and pricing

VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."

"Multiple projects use the ServiceNow tool because it is a low-cost and open-source tool."

"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."

"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."

"The "follow" feature is really good. If the user is not responding, there's an option to "follow". Just click on the button, and it will automatically trigger an email to the end user."

"My favorite feature is the application vulnerability scanner."

"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."

"The product's most valuable features include the no-code capability for workflows and flow design, which makes it user-friendly, and the ability to perform advanced configurations."

More ServiceNow Security Operations pros

"They're highly stable in comparison with other solutions I have."

"Carbon Black insures the probability that any ransomware will be stopped before spreading."

"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."

"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."

"For setup, the server can be given to you as a VM image and with minimal configuration needed."

"The solution does very well as a baseline EDR and provides good process-level management."

"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."

"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."

More VMware Carbon Black Cloud pros

Cons

"The dashboard and playbook creation will need to improve"

"The product is called SecOps, but it is not security operations in terms of SIEM solutions."

"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."

"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."

"Customer awareness and understanding of ServiceNow's SecOps capabilities could be improved."

"We'd like customization to be easier in terms of the UI and using the dashboards."

"Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time."

"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."

More ServiceNow Security Operations cons

"Training and education for both partner and customer, including product marketing need to be improved."

"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."

"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."

"We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."

"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."

"The product detects too many false positives initially and it could integrate better with other security solutions."

"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."

"It's not simple."

More VMware Carbon Black Cloud cons

Pricing and Cost Advice

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

"It is an expensive product."

"This product is a good value for the money."

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"The product is more expensive than other solutions."

"The solution is very inexpensive so there is great cost savings to using it."

"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."

"VMware Carbon Black Cloud is an expensive solution."

"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."

"You need to pay for the licensing of the product. The pricing is costly."

"Pricing for this solution could be made lower."

See which vendors are best for you

Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

20%

Manufacturing Company

11%

Computer Software Company

Government

Computer Software Company

18%

Financial Services Firm

12%

Real Estate/Law Firm

11%

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about ServiceNow Security Operations?

The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.

What is your experience regarding pricing and costs for ServiceNow Security Operations?

The product is more expensive than other solutions like Archer but offers more features, making the pricing justifiable.

What needs improvement with ServiceNow Security Operations?

Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time.

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

What do you like most about Carbon Black CB Response?

Threat hunting is the most valuable feature of VMware Carbon Black Cloud.

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Comparisons

Compared 26% of the time

Splunk SOAR vs ServiceNow Security Operations

Compared 17% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 14% of the time

Unified Vulnerability Management vs ServiceNow Security Operations

Compared 7% of the time

Tines vs ServiceNow Security Operations

Compared 7% of the time

More ServiceNow Security Operations Competitors

Splunk SOAR vs VMware Carbon Black Cloud

Compared 30% of the time

Rapid7 InsightIDR vs VMware Carbon Black Cloud

Compared 28% of the time

VMware Carbon Black Endpoint vs VMware Carbon Black Cloud

Compared 23% of the time

Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud

Compared 19% of the time

More VMware Carbon Black Cloud Competitors

Product Reports

ServiceNow Security Operations

Download ServiceNow Security Operations product report

VMware Carbon Black Cloud

Download VMware Carbon Black Cloud product report

Also Known As

No data available

Carbon Black CB Response

Overview

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Fortify Endpoint and Workload Protection Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response. Recognize New Threats Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past. Simplify Your Security Stack Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

VMware

Sample Customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

ALLETE belk

ServiceNow Security Operations vs. VMware Carbon Black Cloud