We compared Microsoft Defender for Endpoint and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: The reviews suggest that Microsoft Defender for Endpoint is commended for its simple installation process, seamless integration with Windows, and effective detection and correlation of threats. However, it may suffer from a lack of clarity in its licensing model and limitations in its user interface, security features, and customization options. On the other hand, VMware Carbon Black Endpoint may present a more challenging initial setup and higher pricing. Nevertheless, it offers advanced functionalities, robust protection against attacks, extensive integration possibilities, and a highly acclaimed EDR capability. It is noted that improvements are needed in terms of management, graphical user interface, compatibility, and technical support. Overall, both products possess their individual strengths and weaknesses.
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The product detects and blocks threats and is more proactive than firewalls."
"The setup is pretty simple."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is stable and scalable."
"Microsoft Defender for Endpoint is a robust platform."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"Defender should be fine for home use. It has all the basic functionality you need. I can't speak to how well it works as an enterprise solution because I'm not in the space."
"Microsoft Defender for Endpoint is different from other security tools because we can configure it to use multiple types of scanning or archiving."
"It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. It doesn't use too many resources, so you don't have to install different things."
"DFE organizational security posture has been a positive experience. We're a Microsoft house. It works. Once it's deployed and once it's configured, it works and our clients tend to be happy with it. I haven't really experienced anyone who has been so unsatisfied with the platform that they wanted to go a couple of different directions, that has never happened to me."
"Microsoft Defender for Endpoint is free and part of the licensing stack of other Microsoft products."
"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."
"The product's most valuable feature is its ability to be fully integrated with the VMware environment."
"The solution has a library where we can have multiple threat intels onboarded. We just have to subscribe to a particular site intel and they'll provide us with all of the truncated details so that we can create IOCs and alerts on the basis of those IOCs."
"The most valuable feature is that it detects and stops malicious executables."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
"The most valuable feature of the solution stems from the fact that it is one of the best EDR tools in the market."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"We find the solution to be a bit expensive."
"The only minor concern is occasional interference with desired programs."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"With regards to the interface, a challenge I found was that there was not enough documentation on how to tune it. I had to read multiple sources on the internet to learn how to configure the tool appropriately."
"There could be an increase in security for the solution."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"If you have multi-cloud like Google and AWS, the native solutions are better for those particular cases."
"In terms of improvement, they update the platform it seems quite a bit. Every month something is in a new spot or something changed somewhere. There should be less of that."
"Additional security would be beneficial."
"Microsoft Defender for Endpoint does not offer default templates for alerts, requiring us to configure everything ourselves to avoid numerous false positives."
"The tech support communicates, but it's just not with movement."
"This solution could have greater granular control on how certain applications work."
"It would be a better solution if Carbon Black Cb Defense had an on-promise solution and a virus auto delete or quarantine."
"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."
"Needs improvement in the area of infrastructure for on-premise installation."
"The solution would be more effective if there was a way to block automatically based on behavior."
"It is difficult to extract reports for ongoing scans"
"The device control feature could also be compatible with the user’s profile as well."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while VMware Carbon Black Endpoint is ranked 16th in Endpoint Protection Platform (EPP) with 61 reviews. Microsoft Defender for Endpoint is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Trend Micro Deep Security, SentinelOne Singularity Complete, Symantec Endpoint Security and Cortex XDR by Palo Alto Networks. See our Microsoft Defender for Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.