We performed a comparison between Elastic Security and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The most valuable feature is the analysis, because of the beta structure."
"The solution was relatively easy to deploy."
"Ability to get forensics details and also memory exfiltration."
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Impressive detection capabilities"
"It's very customizable, which is quite helpful."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The most valuable feature is the ability to collect authentication information from service providers."
"The stability of the solution is good."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"I like its reporting."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"I like the historical features, interface, and integration."
"The most valuable feature of the solution stems from the support it provides."
"The new feature that we're deploying, the new offering from Carbon Black, is MDR, which stands for manage, detect, and response. It's the most valuable feature because Carbon Black will be continuously checking the logs, and they will be advising us on how to improve some of the policies as well as review the logs. If there are any nefarious agents or things happening on the endpoints, they will know."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"It is a scalable solution...The initial setup was straightforward."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Intelligence aspects need improvement"
"Making the portal mobile friendly would be helpful when I am out of office."
"The support needs improvement."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We find the solution to be a bit expensive."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"I would like more ways to manage permissions and restrict access to certain users."
"It could use maybe a little more on the Linux side."
"The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"Integration is difficult, but CB Defense is more powerful than others. It is difficult to implement but easy to pick up many detections."
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"This solution works well but needs lots of tuning and optimization."
"The UI interface needs improvement. The management needs further work in future versions."
"I would like to see improvements made so that we can better see all of the processes."
"The endpoint machines need improvement."
"It is difficult to extract reports for ongoing scans"
"The product's stability could be improved."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews while VMware Carbon Black Endpoint is ranked 14th in Endpoint Detection and Response (EDR) with 63 reviews. Elastic Security is rated 7.6, while VMware Carbon Black Endpoint is rated 7.8. The top reviewer of Elastic Security writes "Customizable with great dashboards but the premium support is poor". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and Kaspersky Endpoint Security for Business.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.