


Symantec Endpoint Security and VMware Carbon Black Endpoint compete in the endpoint security market. Symantec Endpoint Security tends to have the upper hand in deployment ease and customer service, while VMware Carbon Black Endpoint is preferred for advanced threat detection.
Features: Symantec Endpoint Security is recognized for its robust malware protection, extensive threat intelligence, and a centralized management console. VMware Carbon Black Endpoint is notable for behavior-based threat detection, cloud analytics, and ease of integration with other security tools.
Room for Improvement: Symantec Endpoint Security could improve system resource usage, reduce false positives, and enhance its user interface. VMware Carbon Black Endpoint could simplify the initial setup, improve integration with non-VMware environments, and streamline its user management processes.
Ease of Deployment and Customer Service: Symantec Endpoint Security is often praised for smooth deployment and reliable customer service. VMware Carbon Black Endpoint has mixed feedback on deployment complexity and customer service quality, showing variability in support experiences.
Pricing and ROI: Symantec Endpoint Security users are satisfied with pricing and perceive a good ROI, citing the value of its comprehensive protection suite. VMware Carbon Black Endpoint users acknowledge higher upfront costs but see its advanced features as worth the investment, leading to positive ROI outcomes.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
Symantec Endpoint Security filled gaps in our toolset, particularly with the ability to control network firewall on hosts remotely, which was greatly appreciated.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
In some cases, it rates as high as ten out of ten, while in others, it can be as low as eight.
There is no support in the German language, which is a problem for many public tenders.
Regarding the technical support of Broadcom, they are responsive and helpful.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
I think scalability for Cortex XDR by Palo Alto Networks is good.
Symantec Endpoint Security is quite scalable, and it is very important for large clients.
The scalability of the servers is good, as it requires computational powers.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR is stable, offering high quality and reliable performance.
I have encountered issues where I had to uninstall and reinstall the product on end users' computers to view the logs again.
Previously, we used to have multiple servers such as GUP servers and numerous servers for pushing updates, but we reduced it and transitioned almost 30,000 devices to CrowdStrike, which was easy to manage.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Device management is not very good and I am not enabling it in my organization due to security reasons.
I would like to see improvements in the scanning part of the solution, specifically to enhance the CPU and hard disk usage during scanning and updates to prevent disruption during work hours.
It is cumbersome to use, particularly in handling firewall management.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
It seems to be half the cost or more affordable than other solutions.
The pricing is very low compared to other companies like SentinelOne and others.
I rate the pricing, setup cost, and licensing around nine out of ten.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
Symantec Endpoint Security offers great features such as reporting capabilities with a customized dashboard that pulls in EDR timelines, threat maps, and compliance metrics into one view.
Symantec Endpoint Security offers many valuable features, such as file explosion, application learning, DLP, injection detection, and EDR solutions for traffic control.
The incident response capabilities allow me to resolve authentication and support issues promptly, ensuring the system operates without downtime.
I assess VMware Carbon Black Endpoint's machine learning capabilities in detecting unknown threats as fantastic.
| Product | Market Share (%) |
|---|---|
| Cortex XDR by Palo Alto Networks | 3.4% |
| Symantec Endpoint Security | 3.3% |
| VMware Carbon Black Endpoint | 1.8% |
| Other | 91.5% |


| Company Size | Count |
|---|---|
| Small Business | 42 |
| Midsize Enterprise | 21 |
| Large Enterprise | 47 |
| Company Size | Count |
|---|---|
| Small Business | 69 |
| Midsize Enterprise | 32 |
| Large Enterprise | 63 |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 9 |
| Large Enterprise | 31 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
Symantec Endpoint Security is a robust and reliable product that provides complete protection against viruses, malware, Trojans, and malicious files. It offers application and device control, ease of use in deploying and updating, a central control console, stability, scalability, auto-discovery capabilities, patch management, endpoint detection and response capabilities, intrusion detection module.
The Symantec Global Intelligence Network (GIN) provides threat intelligence and detection across endpoints, email, and web traffic. It has helped organizations reduce downtime, increase productivity, and improve security posture. Symantec Endpoint Security is easy to use, has a flexible administration, and offers more value than expected.
VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.
VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.
What are the key features of VMware Carbon Black Endpoint?
What benefits should users look for when evaluating VMware Carbon Black Endpoint?
VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.