We performed a comparison between Elastic Security and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The price is low and quite competitive with others."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The setup is pretty simple."
"The most valuable feature is the analysis, because of the beta structure."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Enables monitoring of application performance and the ability to predict behaviors."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"ELK documentation is very good, so never needed to contact technical support."
"It is scalable."
"Elastic is straightforward, easy to integrate, and highly customizable."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"The initial setup is very easy."
"The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment."
"It uses machine learning and behavioral analytics for advanced threat detection and response."
"Provides visibility into the chain of attack and threats that use valid operating system processes to execute attacks."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Making the portal mobile friendly would be helpful when I am out of office."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution is not stable."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"ZTNA can improve latency."
"The interface could be more user friendly because it is sometimes hard to deal with."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"The biggest challenge has been related to the implementation."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."
"The local technical support is very poor, but the support from headquarters is very nice."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"The node management could be much better. The one thing that they cannot do very easily is change the tenant from a backend."
"There is room for improvement in the support and service team."
"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."
"The UI interface needs improvement. The management needs further work in future versions."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while VMware Carbon Black Endpoint is ranked 12th in Endpoint Detection and Response (EDR) with 62 reviews. Elastic Security is rated 7.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and CyberArk Endpoint Privilege Manager. See our Elastic Security vs. VMware Carbon Black Endpoint report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.