We compared CrowdStrike Falcon and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Comparing CrowdStrike Falcon to VMware Carbon Black Endpoint, both have straightforward setup processes, although CrowdStrike Falcon is considered relatively more manageable. CrowdStrike Falcon offers comprehensive protection, ease of deployment, crowdsourced intelligence, and strong detection and prevention features. Users also find it easy and straightforward. However, it may require expertise and guidance during setup and lacks certain features like ransomware protection and additional antivirus functionality. On the other hand, VMware Carbon Black Endpoint also provides a straightforward setup process but might be challenging for users unfamiliar with Carbon Black. It offers continuous monitoring, threat detection and response, prevention of zero-day threats, extensive threat intel, and good integration capabilities. However, there are difficulties in making changes at the tenant level and GUI improvements are needed. Additionally, some users mention slower technical support as a drawback.
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"The stability is very good."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The solution was relatively easy to deploy."
"Fortinet is very user-friendly for customers."
"The price is low and quite competitive with others."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"The automatic alert feature is the most important feature of the solution."
"Scalability is good. We have had no issues with it."
"The stability is very good."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"The UI is simple and self-explanatory. Everything is easy to understand."
"The initial setup was fairly easy."
"The threat analysis functionality is good."
"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
"It is a stable solution...The initial setup of VMware Carbon Black Endpoint was easy."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
"I like its reporting."
"VMware Carbon Black Endpoint is a highly stable solution."
"The dashboard isn't easy to access and manage."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"The solution is not user-friendly."
"Making the portal mobile friendly would be helpful when I am out of office."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution should address emerging threats like SQL injection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I would like to see a more accurate integration and an option to check the local machine."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"The pricing structure should allow for some flexibility."
"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"The UI interface needs improvement. The management needs further work in future versions."
"In the past, we've seen some stability issues in the latest version releases. We tend to hang back one version just to make sure issues are fully resolved to avoid user disruption."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"In the next release, it would help if we can get better control over containers."
"In my company, we face issues sometimes when there is a need to write custom rules or we want to write for some rules that are different from the standard rules provided by the solution."
"The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,"
"This solution works well but needs lots of tuning and optimization."
"The solution would be more effective if there was a way to block automatically based on behavior."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 63 reviews. CrowdStrike Falcon is rated 8.8, while VMware Carbon Black Endpoint is rated 7.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Tanium, whereas VMware Carbon Black Endpoint is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security, Symantec Endpoint Security and Cisco Secure Endpoint. See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.