Try our new research platform with insights from 80,000+ expert users

Symantec Endpoint Detection and Response vs VMware Carbon Black Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Symantec Endpoint Detection...
Ranking in Endpoint Detection and Response (EDR)
28th
Average Rating
7.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
VMware Carbon Black Endpoint
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
63
Ranking in other categories
Endpoint Protection Platform (EPP) (27th), Security Incident Response (2nd), Ransomware Protection (6th)
 

Mindshare comparison

As of July 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Symantec Endpoint Detection and Response is 0.5%, up from 0.4% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.7%, down from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

YusufAhmed - PeerSpot reviewer
Easy to use and competitively priced
Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.
Nikunj Kamboj - PeerSpot reviewer
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I've mainly found the antivirus and antispyware features valuable. The documentation is okay as well."
"The solution is scalable."
"The solution has great blocking features."
"It is very simple to use."
"IPS and the user interface are good features."
"The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network."
"I like Symantec EDR's device control and USB security features."
"The most valuable features of Symantec Endpoint Detection and Response are its immediate response and investigation."
"The initial setup was fairly easy."
"I like the historical features, interface, and integration."
"The solution is stable."
"It is a very complete platform."
"The visibility provided has been great."
"I like its protection very much. It protects and allows us to lock the environment pretty tightly. Nothing that is not approved through Carbon Black can run in the environment. There is no default. Everything goes through Carbon Black Protect, and everything has to be first approved. Every software is considered to be guilty before prove innocent."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"The most valuable feature is that it detects and stops malicious executables."
 

Cons

"The solution needs to provide better integration."
"It should be easier to deploy Symantec's client for end-users."
"It is not possible to buy it from the company itself, or resellers in other countries. If it is available, I see that it is offered as part of a larger service. For me, this was not suitable."
"A significant deterioration in customer support."
"The Symantec portfolio is not big enough to cover the organization in all 360 degrees."
"They do need to minimize the number of agents installed on a server."
"Technical support is not as good as we expect, and resolving problems should be more timely."
"In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
"There is room for improvement in the support and service team."
"This solution could have greater granular control on how certain applications work."
"Certain settings have limitations. For example, I cannot manually block some malware activities."
"The endpoint machines need improvement."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."
"The UI interface needs improvement. The management needs further work in future versions."
"This solution works well but needs lots of tuning and optimization."
 

Pricing and Cost Advice

"We are satisfied with the pricing."
"The more devices we have the more expensive it becomes, which is where the challenge is."
"The price is reasonable."
"The price is really high and it should be lower."
"It's a yearly subscription."
"Symantec Endpoint Detection and Response is expensive."
"We have a yearly subscription, and the pricing is fair."
"It is an expensive solution."
"The pricing is annually based and operates through another department than mine."
"The product is expensive. There are some additional costs apart from the standard licensing charges attached to the solution."
"Carbon Black provides competitive pricing."
"I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."
"CB Defense is available on a yearly subscription and is priced by the number of endpoints."
"It's reasonable in price"
"The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price."
"VMware Carbon Black Endpoint is an expensive product."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
863,331 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
10%
Manufacturing Company
9%
University
8%
Computer Software Company
14%
Financial Services Firm
11%
Government
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?
I am not aware of the pricing details, as that falls under the management's responsibility.
What needs improvement with Symantec Endpoint Detection and Response?
There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application contro...
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.
 

Also Known As

No data available
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

Information Not Available
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about Symantec Endpoint Detection and Response vs. VMware Carbon Black Endpoint and other solutions. Updated: July 2025.
863,331 professionals have used our research since 2012.