We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"This is stable and scalable."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Ability to get forensics details and also memory exfiltration."
"Fortinet is very user-friendly for customers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Scalability is good. We have had no issues with it."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"I like the detection rates of mobile threats."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"Easy to use, intelligent, and stable threat detection software."
"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"Some of the valuable features I have found are the online documentation of the solution is well organized and thorough. I like the simplicity of bypass and the visualization of the active components."
"I feel that the initial setup was straightforward and not complex."
"There's lots of very useful documentation online to help troubleshoot and learn about the product."
"It uses machine learning and behavioral analytics for advanced threat detection and response."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"I found the offline scanning to be particularly useful."
"The initial setup is pretty straightforward."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The SIEM could be improved."
"The solution should address emerging threats like SQL injection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"Carbon Black has limited capability to integrate with Rapid7."
"The tech support communicates, but it's just not with movement."
"The solution needs expanded endpoint query tools."
"The solution would be more effective if there was a way to block automatically based on behavior."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"The pricing could be more reasonable."
"The product's stability could be improved."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 62 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.