Try our new research platform with insights from 80,000+ expert users

ServiceNow Security Operations vs VMware Carbon Black Cloud comparison

ServiceNow and Broadcom are both solutions in the Security Incident Response category. ServiceNow is ranked #1 with an average rating of 8.1, while Broadcom is ranked #10 with an average rating of 8.0. ServiceNow holds a 13.2% mindshare in IRP, compared to Broadcom’s 7.4% mindshare. Additionally, 95% of ServiceNow users are willing to recommend the solution, compared to 93% of Broadcom users who would recommend it.
ServiceNow Security Operations
Read 22 ServiceNow Security Operations reviews
  • 2,198 Views
  • 308 Comparison Views
95% willing to recommend
VMware Carbon Black Cloud
Read 18 VMware Carbon Black Cloud reviews
  • 642 Views
  • 122 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 2, 2025

ServiceNow Security Operations and VMware Carbon Black Cloud are both competitors in cybersecurity. ServiceNow stands out for its pricing and support, while VMware Carbon Black Cloud is recognized for its strong feature set.

Features: ServiceNow Security Operations is known for integration capabilities, automation tools for incident response, and handling vulnerability management. VMware Carbon Black Cloud provides advanced threat intelligence, analytics, and powerful endpoint detection to support proactive threat hunting.

Room for Improvement: ServiceNow Security Operations could benefit from enhancements in its user interface, scalability for growing enterprises, and more robust threat intelligence. VMware Carbon Black Cloud may need improvements in simplifying deployment, optimizing customer support experiences, and enhancing integration frameworks to make onboarding easier.

Ease of Deployment and Customer Service: ServiceNow Security Operations offers a seamless deployment process coupled with responsive customer service that facilitates quick system integration. VMware Carbon Black Cloud features straightforward cloud-based deployment, yet its complexity can affect setup times, occasionally requiring more support for its wider range of functionalities.

Pricing and ROI: ServiceNow Security Operations presents competitive pricing favorable for budget-focused organizations. VMware Carbon Black Cloud has a higher initial setup cost but is seen to deliver superior ROI through its efficient threat detection capabilities, making the cost justified over time for businesses seeking advanced security solutions.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ServiceNow Security Operations vs. VMware Carbon Black Cloud Report (Updated: September 2025).
Buyer's Guide
ServiceNow Security Operations vs. VMware Carbon Black Cloud
September 2025
Download the complete report
Helped 869,202 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ServiceNow Security Operations
Ranking in Security Incident Response
1st
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
22
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (6th), Risk-Based Vulnerability Management (9th)
VMware Carbon Black Cloud
Ranking in Security Incident Response
10th
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
18
Ranking in other categories
Endpoint Detection and Response (EDR) (42nd)
 

Mindshare comparison

As of October 2025, in the Security Incident Response category, the mindshare of ServiceNow Security Operations is 13.2%, down from 19.0% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 7.4%, up from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Incident Response Market Share Distribution
ProductMarket Share (%)
ServiceNow Security Operations13.2%
VMware Carbon Black Cloud7.4%
Other79.4%
Security Incident Response
 

Featured Reviews

Abhinay Sharma - PeerSpot reviewer
Experience seamless integration and effective incident response with a little room for improvement in setup time
Integration is crucial in ServiceNow Security Operations because everything must be integrated to obtain data. Without integration, the solution is not as beneficial as expected. In SecOps, real-time data is essential to avoid discrepancies between real-time events and ServiceNow data. Multiple tools integrate with ServiceNow Security Operations, with Qualys being one of them. ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action. The main benefit is not having to access separate tools for different data. It provides a unified user experience where all work and fixes can be managed from one location.
Read full review
Tom Kar - PeerSpot reviewer
Shows promise for endpoint detection and response, with room for improvement in complexity and pricing
VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network. When a machine is quarantined, it cannot communicate with any other machines on the network except for the Carbon Black Cloud server. This allows you to investigate the machine without the risk of malware escaping to the network. Carbon Black Cloud's server can communicate with the quarantined machine through DNS and VSCP. This allows you to collect data from the machine, such as system logs, process activity, and registry changes. This data can be used to investigate the infection and determine the next steps. CrowdStrike and Cybereason are also popular EDR solutions. They offer similar features to VMware Carbon Black Cloud but may have different strengths and weaknesses. It is important to evaluate all of your options before choosing an EDR solution. Additionally, it is complex to use, and the pricing should be improved.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product has a very simple UI."
"Multiple projects use the ServiceNow tool because it is a low-cost and open-source tool."
"The SOAR module of ServiceNow Security Operations is the most valuable feature"
"ServiceNow Security Operations also takes care of GRC, governance, risk and compliance, enabling it to provide risk assessment."
"ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such."
"ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action, providing a unified user experience where all work and fixes can be managed from one location."
"ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve any issues."
"I will recommend it to others as it is an enterprise application used by large companies for ticketing purposes."
More ServiceNow Security Operations pros
"The ability to quickly isolate a system from the network, while still being able to perform some forensics and mitigation work remotely, was of great value to us since we had many mobile and distributed systems."
"The most valuable features are the threat-hunting and the batch console."
"VMware Carbon Black Cloud is a user-friendly solution that can isolate machines from the rest of the network."
"The most valuable feature of VMware Carbon Black Cloud is the possibility of securing any PC worldwide."
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The market information they gather from the community is really good. Their configuration capabilities are good."
"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."
"Integration and scalability are the most valuable."
More VMware Carbon Black Cloud pros
 

Cons

"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"The initial setup is difficult."
"There is room for improvement in terms of developer support and documentation."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"Report generation within ServiceNow can take some time."
"One area for improvement for the product is the need to tailor and alter some codes for customization, which can cause issues during upgrades. It does not support customized operations."
"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."
More ServiceNow Security Operations cons
"The solution's support could be improved."
"The threat intelligence feed could use some fine tweaking."
"Training and education for both partner and customer, including product marketing need to be improved."
"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."
"The solution needs to simplify the process of adding custom watchlists, as well as embrace YARA for rule creation."
"The support team of Carbon Black CB Response needs improvement. At present, they need a lot of information. Then they give you an answer that they already gave you. You tell them it didn't work, and then they take a long time."
"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."
"Technical support for the solution should be improved because there is a scarcity of support teams in the Middle East."
More VMware Carbon Black Cloud cons
 

Pricing and Cost Advice

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."
"The product is more expensive than other solutions."
"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."
"Compared to competitor tools, ServiceNow Security Operations is more affordable"
"This product is a good value for the money."
"It is an expensive product."
"The solution is very inexpensive so there is great cost savings to using it."
"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."
"Pricing for this solution could be made lower."
"You need to pay for the licensing of the product. The pricing is costly."
"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."
"VMware Carbon Black Cloud is an expensive solution."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
See recommendations
869,202 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Manufacturing Company
13%
Computer Software Company
8%
Government
5%
Healthcare Company
9%
Financial Services Firm
9%
Computer Software Company
9%
Real Estate/Law Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise2
Large Enterprise15
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise7
 

Questions from the Community

What do you like most about ServiceNow Security Operations?
The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.
See all answers
What is your experience regarding pricing and costs for ServiceNow Security Operations?
It is relatively expensive but manageable.
See all answers
What needs improvement with ServiceNow Security Operations?
ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...
See all answers
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
See all answers
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
See all answers
What do you like most about Carbon Black CB Response?
Threat hunting is the most valuable feature of VMware Carbon Black Cloud.
See all answers
 

Comparisons

Splunk SOAR vs ServiceNow Security Operations Logo
Splunk SOAR vs ServiceNow Security Operations
Compared 22% of the time
Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations Logo
Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations
Compared 19% of the time
Microsoft Sentinel vs ServiceNow Security Operations Logo
Microsoft Sentinel vs ServiceNow Security Operations
Compared 12% of the time
Tines vs ServiceNow Security Operations Logo
Tines vs ServiceNow Security Operations
Compared 8% of the time
Swimlane vs ServiceNow Security Operations Logo
Swimlane vs ServiceNow Security Operations
Compared 5% of the time
More ServiceNow Security Operations Competitors
Splunk SOAR vs VMware Carbon Black Cloud Logo
Splunk SOAR vs VMware Carbon Black Cloud
Compared 41% of the time
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud Logo
Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud
Compared 28% of the time
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud Logo
VMware Carbon Black Endpoint vs VMware Carbon Black Cloud
Compared 18% of the time
Rapid7 InsightIDR vs VMware Carbon Black Cloud Logo
Rapid7 InsightIDR vs VMware Carbon Black Cloud
Compared 12% of the time
More VMware Carbon Black Cloud Competitors
 

Product Reports

Buyer's Guide
ServiceNow Security Operations
September 2025
ServiceNow Security Operations reportDownload ServiceNow Security Operations product report
Buyer's Guide
VMware Carbon Black Cloud
September 2025
VMware Carbon Black Cloud reportDownload VMware Carbon Black Cloud product report
 

Also Known As

No data available
Carbon Black CB Response
 

Overview

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions. 

ServiceNow

Fortify Endpoint and Workload Protection

Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response.

Recognize New Threats

Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past.

Simplify Your Security Stack

Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

Broadcom
 

Sample Customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services
ALLETE belk
Buyer's Guide
ServiceNow Security Operations vs. VMware Carbon Black Cloud
September 2025
Free Report: ServiceNow Security Operations vs. VMware Carbon Black Cloud
Find out what your peers are saying about ServiceNow Security Operations vs. VMware Carbon Black Cloud and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,202 professionals have used our research since 2012.
See our ServiceNow Security Operations vs. VMware Carbon Black Cloud report.
See our list of best Security Incident Response vendors.

We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.