2019-06-09T22:31:00Z
Janet Peng - PeerSpot reviewer
Manager of IT at a financial services firm with 10,001+ employees
  • 7
  • 633

I would like to compare CrowdStrike and Carbon Black. On what basis should I decide?

Hi. I need to compare CrowdStrike and Carbon Black. What is the advantage of CrowdStrike over Carbon Black and vice versa? For an enterprise, how do I decide which one is better for my needs?

10
PeerSpot user
10 Answers
RL
Executive Vice President, APAC at Cybots
User
2021-04-13T01:59:12Z
Apr 13, 2021

I think the one thing you want to do is to review how much each solution will help you reduce your investigative workload... Each and every organization will have its own strength and requirements. If you're looking for an on premise solution, then maybe CB is your choice... cause as far as I know, CS only work from the cloud.

However, if your team is small and you don't want to be bogged down by alerts after alerts, try finding a solution that gives you conclusive and actionable intelligence - one that specifically points out the problem file/folder/endpoint for you.


Contact me if you want to know more - rodney@cybotsai.com


Hope it helps!
 

Product comparison that may be of interest to you
LM
CEO at Computer Solutions & Security, Ltd
User
2021-04-12T15:56:29Z
Apr 12, 2021

Both are great products. The cons are overcome partially resolved by other products.

NS
Security Consultant at Freelancer
Real User
2019-06-10T12:14:45Z
Jun 10, 2019

Pointers are based on the tests performed during the evaluation a few months back)

CrowdStrike:
- Artificial Intelligence and Machine Learning
- Is a cloud solution
- Offers protection from known threats.
- Offers advanced threat protection
- ATP Technology: AI+ML on the Agent blocks threats before they execute. Also has sandbox capability
- Predictive / Proactive
- Offers memory defense and script control
- Is cloud/server dependent
- Requires constant Internet connectivity, cannot work offline
- Footprint: 1-2 % CPU/ 40MB
- Requires Scanning
- Requires Human Intervention
- Servers are required
- Offers Endpoint Detection and Response (EDR), Endpoint Protection Platform (EPP), Threat Intelligence
- Easy to use
- 2FA
- Does not require hourly updates
- Does not require traditional AV

Does not offer:
- Application Control
- Web Reputation Control
- Web Category Protection
- Host Firewall
- Port Control System
- Full Disk Encryption
- File-Based Encryption
- Removable Media Encryption

Carbon Black:
- Detection & Response
- Cloud or On-Premise architecture
- Requires constant hash lookup. If not connected, there will be no protection from known threats.
- Offers advanced threat prevention
- ATP Technology: Hash-based, behavior-based
- Reactive
- Offers memory defense and script control
- Application control: CB protection Product
- Cannot work offline (only cached hashes)
- Cloud / Server Dependent
- Requires constant Internet connectivity, cannot work offline
- Footprint: Large - high utilization + network utilization
- Does not require scanning.
- Requires constant requires hourly updates.
- Requires Traditional AV
- Requires Human Intervention, behavioral rules & malware signatures.
- Requires Multiple servers if on-premise.
- Endpoint Detection and Response (EDR), Endpoint Protection Platform (EPP), Threat Intelligence
- Is not easy to use.

Does not offer:
- Web Reputation Control
- Web Category Protection
- Host Firewall
- Port Control System
- Full Disk Encryption
- File-Based Encryption
- Removable Media Encryption

Few additional pointers:
1) There are commercials aspects and CB is costlier than CrowdStrike
2) CB is little heavy on the endpoint as compared to CrowdStrike
3) CrowdStrike is coming up with EDR agents for mobiles as well ( Beta is out and GA is expected in June-July 2019). This could be the game changer

RL
Executive Vice President, APAC at Cybots
User
2021-03-18T11:42:37Z
Mar 18, 2021

I agree with some of the comments. Crowdstrike is way ahead of CB. However, both are cloud solutions, and depending on your business regulatory guidelines, you may have challenges having to send raw data to the cloud directly from the endpoints. 

it_user1071018 - PeerSpot reviewer
Former CISO | Cyber Security Enthusiast at a tech services company with 51-200 employees
Real User
2020-01-02T12:21:36Z
Jan 2, 2020

While Carbon Black is great for good detections and incident Response, Crowdstrike is EDR on steroids. It's everything you require from an Endpoint Detection, Response and Visibility perspective. An all-in-one arsenal for best in the class Threat Intelligence, Threat Analytics, very capable Sandboxing, Attack Chain Visibility, Patching Systems, File-less malware detection and termination upon execution along with a graphical visualization of the Process, Child-process etc. Only drawback for organization with isolated / offline networks is, Crowdstrike is on the Cloud.

As this point in time, nothing comes close to CrowdStrike.

GO
Sr. Account Executive at a tech services company with 1,001-5,000 employees
MSP
2019-07-10T16:10:28Z
Jul 10, 2019

In a nutshell:

Carbon Black:
- Using the PSC is like your home alarm system being connected to every neighbor!
- The product has rich and unmatched set of features in the end point protection space. Very focused on capabilities and domain expertise.

Crowdstrike:
- Easy out of the box, and provides so much more value than just an AV product.

Find out what your peers are saying about Carbon Black CB Defense vs. CrowdStrike Falcon and other solutions. Updated: March 2023.
690,226 professionals have used our research since 2012.
JP
Prinicipal Security Sales Engineer at a computer software company with 501-1,000 employees
Real User
2019-06-10T21:15:24Z
Jun 10, 2019

Depends on your sec-engineering staff size, the number of agents, integration with other tools. I would start by listing your use cases and break down what you mean by "better for my needs". Too many variables.

it_user784911 - PeerSpot reviewer
Threat Management GBB at Microsoft
Real User
2019-06-10T16:37:54Z
Jun 10, 2019

Why are you just looking at those solutions? You should also consider Microsoft Defender ATP (https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp) which is no longer just limited to monitoring Windows and which Gartner has stated as being influential in this market.

SN
Specialist at XYZ
Consultant
2019-06-10T03:05:09Z
Jun 10, 2019

Since both are an EDR solution, I would suggest analyzing which provides end to end mitigation. I know CB has 3 modules for the detailed analysis but not sure on the CrowdStrike.

TM
Senior Cybersecurity Consultant at CIA Botswana
Real User
Top 5Leaderboard
2020-05-04T07:24:11Z
May 4, 2020

CrowdStrike provides both a streaming and query REST API for accessing many of the features available through the Falcon Platform's UI. Carbon Black also provides a well-documented REST API for building custom integrations with the platform.
Technical comparison can be found at Gartner page: https://www.gartner.com/reviews/market/endpoint-protection-platforms/compare/carbon-black-vs-crowdstrike

Highly recommended for use is Crowdstrike.

Related Questions
Julia Miller - PeerSpot reviewer
Community Director at PeerSpot
Jan 12, 2023
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 3 answers
NS
Pre-Sales Architect at network techlab
Sep 19, 2022
I'm not directly involved in sales, so I can't comment on the exact price, but I know the price decreases the higher the quantity we purchase.
Sathya Paul - PeerSpot reviewer
Director Of Information Technology at TollPlus LLC.
Nov 22, 2022
The pricing is competitive and includes all features and support. I rate pricing an eight out of ten.
Julia Miller - PeerSpot reviewer
Community Director at PeerSpot
Jan 12, 2023
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
2 out of 4 answers
MK
Deputy Technical Manager (SOC Operations) at a tech services company with 1,001-5,000 employees
Aug 23, 2022
We are using Crowdstrike Falcon XDR for security.
NS
Pre-Sales Architect at network techlab
Sep 19, 2022
We are a CrowdStrike partner, selling their products to our customers. We have small and medium-sized enterprise clients and clients in the government sector. Depending on customer requirements, we provide different CrowdStrike Falcon products, ranging from Spotlight to XDR.
Product Comparisons
Download Free Report
Download our FREE report comparing Carbon Black CB Defense and CrowdStrike Falcon based on reviews, features, and more! Updated: March 2023.
DOWNLOAD NOW
690,226 professionals have used our research since 2012.