Try our new research platform with insights from 80,000+ expert users

Trellix Active Response vs VMware Carbon Black Endpoint comparison

Trellix and VMware are both solutions in the Endpoint Detection and Response (EDR) category. Trellix is ranked #45 with an average rating of 8.0, while VMware is ranked #23 with an average rating of 7.9. Trellix holds a 0.2% mindshare in EDR, compared to VMware’s 1.7% mindshare. Additionally, 50% of Trellix users are willing to recommend the solution, compared to 88% of VMware users who would recommend it.
Trellix Active Response
Read 5 Trellix Active Response reviews
  • 364 Views
  • 349 Comparison Views
50% willing to recommend
VMware Carbon Black Endpoint
Read 63 VMware Carbon Black Endpoint reviews
  • 6,029 Views
  • 4,039 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

VMware Carbon Black Endpoint and Trellix Active Response compete in endpoint security solutions. Based on user reviews, Trellix Active Response has superior features despite higher pricing; users find it worth the investment.

Features: VMware Carbon Black Endpoint is praised for its advanced threat detection, lightweight agent, and real-time monitoring capabilities. Trellix Active Response offers comprehensive security insights, automation, and integration flexibility. Trellix’s extensive feature set makes it stand out.

Room for Improvement: VMware Carbon Black Endpoint users report challenges with deployment complexity, occasional false positives, and a need for better user interface design. Trellix Active Response users mention the need for smoother updates, better documentation, and improved customization options. While both have areas to improve, VMware’s deployment issues appear more significant.

Ease of Deployment and Customer Service: VMware Carbon Black Endpoint’s deployment process is often seen as cumbersome, though customer service receives positive feedback. Trellix Active Response is easier to deploy, with effective customer support. Users find Trellix’s deployment and service more straightforward and efficient.

Pricing and ROI: VMware Carbon Black Endpoint is valued for its competitive pricing and good ROI. Trellix Active Response, while more expensive, is considered worth the cost due to its comprehensive features and better ROI. Users find the additional investment in Trellix justified by its performance and returns.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Trellix Active Response vs. VMware Carbon Black Endpoint Report (Updated: July 2025).
Buyer's Guide
Trellix Active Response vs. VMware Carbon Black Endpoint
July 2025
Download the complete report
Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
3.8
Trellix Active Response improved threat detection, reduced incident response times, increased efficiency, and enhanced productivity with an intuitive interface.
Sentiment score
6.5
Users reported significant ROI with VMware Carbon Black Endpoint, citing reduced malware and ransomware incidents, and 10% cost savings.
While we haven't yet quantified the financial benefits, we recognize that there has been a return on investment, particularly with operational efficiencies provided by the alerts.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Customer Service

Sentiment score
7.8
Trellix Active Response's customer support is generally positive, but availability and contact speed could improve, rated seven out of ten.
Sentiment score
6.3
VMware Carbon Black Endpoint support is generally praised as effective and knowledgeable, but some report delays and issues with tiered support.
I would rate technical support from Trellix Active Response as a seven because sometimes we face difficulties finding engineers quickly, leading to customer frustration.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Scalability Issues

Sentiment score
4.1
Trellix Active Response is scalable, integrates easily, handles large data seamlessly, and maintains performance and security with minimal latency.
Sentiment score
7.4
VMware Carbon Black Endpoint is highly scalable and adaptable for various enterprises, praised for ease of adding tenants and managing environments.
The scalability of Active Response is satisfactory.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Stability Issues

Sentiment score
4.6
Trellix Active Response is praised for reliability, efficient data handling, quick threat detection, adaptability, and stability with minimal downtime.
Sentiment score
7.4
VMware Carbon Black Endpoint is stable, lightweight, reliable, and highly rated, though minor issues with sensors and updates occasionally occur.
 

Room For Improvement

Trellix Active Response needs better resource management, advanced analytics, and improved integrations for efficient monitoring and AI features.
VMware Carbon Black Endpoint struggles with mobile support, complex UI, performance issues, inadequate reporting, and insufficient third-party integration.
We would like Trellix to optimize the technology for these systems similarly to how it is deployed for normal endpoints.
There is room for improvement in the platform area and security area to make the dashboard visibility clearer and easier for customers to monitor malicious activities occurring in their environment.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Setup Cost

VMware Carbon Black Endpoint licensing is seen as expensive and inflexible, with prices ranging from $15 to $7,000 per node.
Based on our evaluations, Trellix Active Response's pricing was the most feasible from a cost perspective.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Valuable Features

Trellix Active Response enhances analytics, user insights, and incident handling, excelling in detection and response with holistic EDR benefits.
VMware Carbon Black Endpoint offers robust remote security with intuitive real-time detection, AI-driven threat response, and centralized cloud control.
They notify us immediately of any vulnerabilities on the endpoints, allowing us to deploy a response quickly.
The most valuable feature of Trellix Active Response is that whenever any incident occurs, it allows us to disconnect from that particular network or area and shut down the system using commands.
For more quotes and insights, download the Trellix Active Response report
No quotes available
For more quotes and insights, download the VMware Carbon Black Endpoint report
 

Categories and Ranking

Trellix Active Response
Ranking in Endpoint Detection and Response (EDR)
45th
Average Rating
7.0
Reviews Sentiment
5.1
Number of Reviews
5
Ranking in other categories
No ranking in other categories
VMware Carbon Black Endpoint
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
63
Ranking in other categories
Endpoint Protection Platform (EPP) (29th), Security Incident Response (2nd), Ransomware Protection (7th)
 

Mindshare comparison

As of August 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Trellix Active Response is 0.2%, up from 0.1% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.7%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Abdullah Al Hadi - PeerSpot reviewer
Offers comprehensive incident visualization and quick response capabilities but requires clearer dashboard interface
I am an Information Security Engineer at NHQ Distribution Limited and a partner of Trellix. I work with different products in Trellix, including Trellix EDR, SDR, and MDR. Trellix Active Response is the EDR solution from Trellix that has moved from an on-premise solution to a cloud solution. The Trellix MDR solution is helpful for SOC analysis and is integrated with Trellix EDR and SDR capabilities, providing full visibility of threat detection and hunting and detection response correlating with other solutions like endpoint security and encryption. On a scale of one to ten, I rate Trellix Active Response an eight.
Read full review
Nikunj Kamboj - PeerSpot reviewer
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
865,384 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Government
18%
Comms Service Provider
13%
Financial Services Firm
10%
University
8%
Computer Software Company
13%
Financial Services Firm
11%
Government
9%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for McAfee Active Response?
Based on our evaluations, Trellix Active Response's pricing was the most feasible from a cost perspective. I rate the pricing between a six and an eight. It is justified.
See all answers
What needs improvement with McAfee Active Response?
For Trellix Active Response, there is room for improvement in the platform area and security area to make the dashboard visibility clearer and easier for customers to monitor malicious activities o...
See all answers
What is your primary use case for McAfee Active Response?
The typical use case for Trellix Active Response is to provide quick incident response, as the product collects and correlates logs with the ePO dashboard, allowing customers to get visibility of t...
See all answers
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
See all answers
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
See all answers
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.
See all answers
 

Comparisons

Trellix Endpoint Security Platform vs Trellix Active Response Logo
Trellix Endpoint Security Platform vs Trellix Active Response
Compared 55% of the time
Trellix Endpoint Detection and Response (EDR) vs Trellix Active Response Logo
Trellix Endpoint Detection and Response (EDR) vs Trellix Active Response
Compared 45% of the time
More Trellix Active Response Competitors
CrowdStrike Falcon vs VMware Carbon Black Endpoint Logo
CrowdStrike Falcon vs VMware Carbon Black Endpoint
Compared 18% of the time
Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint Logo
Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint
Compared 12% of the time
SentinelOne Singularity Complete vs VMware Carbon Black Endpoint Logo
SentinelOne Singularity Complete vs VMware Carbon Black Endpoint
Compared 8% of the time
Trellix Endpoint Security Platform vs VMware Carbon Black Endpoint Logo
Trellix Endpoint Security Platform vs VMware Carbon Black Endpoint
Compared 8% of the time
Trend Micro Deep Security vs VMware Carbon Black Endpoint Logo
Trend Micro Deep Security vs VMware Carbon Black Endpoint
Compared 6% of the time
More VMware Carbon Black Endpoint Competitors
 

Product Reports

Buyer's Guide
Endpoint Detection and Response (EDR)
January 2025
Trellix Active Response reportDownload Trellix Active Response product report
Buyer's Guide
VMware Carbon Black Endpoint
July 2025
VMware Carbon Black Endpoint reportDownload VMware Carbon Black Endpoint product report
 

Also Known As

McAfee Active Response
Carbon Black CB Defense, Bit9, Confer
 

Overview

Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.

Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.

Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.

Trellix

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?
  • Intelligent learning: Improves detection capabilities over time.
  • Whitelisting: Allows only approved applications to run.
  • Integration with other security tools: Enhances overall security posture.
  • Centralized cloud control: Manages endpoints from a single interface.
  • Command shell access: Offers deeper investigation capabilities.
  • Dynamic grouping: Facilitates organized endpoint management.
  • Simplified policy management: Streamlines security policy implementation.
  • API for system remoting: Allows remote system access and management.
  • Twenty-four-seven support: Provides continuous assistance and response.
What are the benefits of VMware Carbon Black Endpoint?
  • Real-time monitoring: Offers constant vigilance against threats.
  • Threat hunting: Identifies and mitigates threats proactively.
  • Historical data analysis: Assists in understanding past incidents and patterns.
  • Improved endpoint protection: Enhances overall endpoint security.
  • Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

VMware
 

Sample Customers

Liquor Control Board of Ontario
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Buyer's Guide
Trellix Active Response vs. VMware Carbon Black Endpoint
July 2025
Free Report: Trellix Active Response vs. VMware Carbon Black Endpoint
Find out what your peers are saying about Trellix Active Response vs. VMware Carbon Black Endpoint and other solutions. Updated: July 2025.
DOWNLOAD NOW
865,384 professionals have used our research since 2012.
See our Trellix Active Response vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.