We performed a comparison between ServiceNow Security Operations and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Security Incident Response solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."
"It has helped optimize security costs by consolidating multiple tools into one platform."
"The solution is stable."
"What I found most valuable in ServiceNow Security Operations is that it's very useful for any incoming vulnerability. For example, if my team finds any vulnerability on servers such as the CA and CMDB integrated with ServiceNow Security Operations, my team can make some changes. My team can map the vulnerabilities found on the CA server, make the changes required, and resolve the vulnerabilities before the system is attacked. You can avoid vulnerability attacks through ServiceNow Security Operations, so this is the best feature of the solution. ServiceNow Security Operations is beneficial mainly for vulnerability response and engagement purposes."
"The solution is available over the cloud and is easy to manage."
"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."
"We refer to the setup and installation guide provided by ServiceNow. They have good documentation, which makes it easier to handle the process."
"It's stable."
"The EDR and reports were helpful in improving our organization."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"The visibility provided has been great."
"The whole purpose of the product, like application control, is very good, and also if you need to update some policies, it works well and instantly."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."
"The threat intelligence module needs a better dashboard."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"The initial setup is difficult."
"In future releases, I would like to add a follow-up and reminder feature. For the tickets in our queue, we could set reminders. This would help us prioritize older tickets before moving on to new ones."
"It doesn't interact with things very well."
"It is difficult to extract reports for ongoing scans"
"The support is poor."
"The EDR portion could be better. I'm not a big fan, but it works."
"The directions for Splunk are spot on, but it is difficult to find anything on integration with AlienVault,"
"At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"The initial setup is complex."
"The product's stability could be improved."
More ServiceNow Security Operations Pricing and Cost Advice →
ServiceNow Security Operations is ranked 2nd in Security Incident Response with 15 reviews while VMware Carbon Black Endpoint is ranked 1st in Security Incident Response with 62 reviews. ServiceNow Security Operations is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of ServiceNow Security Operations writes "Mature with nice UI and customizable workflows". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". ServiceNow Security Operations is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Microsoft Sentinel, IBM Resilient and Swimlane, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Trend Micro Deep Security and Symantec Endpoint Security. See our ServiceNow Security Operations vs. VMware Carbon Black Endpoint report.
See our list of best Security Incident Response vendors.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.