CrowdStrike Falcon vs VMware Carbon Black Endpoint comparison

CrowdStrike and VMware are both solutions in the Endpoint Protection Platform (EPP) category. CrowdStrike is ranked #3 with an average rating of 8.8, while VMware is ranked #18 with an average rating of 7.7. CrowdStrike holds a 11.0% mindshare in EPP, compared to VMware’s 2.0% mindshare. Additionally, 97% of CrowdStrike users are willing to recommend the solution, compared to 88% of VMware users who would recommend it.

CrowdStrike Falcon

Read 122 CrowdStrike Falcon reviews

29,731 Views
22,379 Comparison Views

97% willing to recommend

VMware Carbon Black Endpoint

Read 63 VMware Carbon Black Endpoint reviews

7,867 Views
5,334 Comparison Views

88% willing to recommend

CrowdStrike Falcon

VMware Carbon Black Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 1, 2024

CrowdStrike Falcon and VMware Carbon Black Endpoint compete in the endpoint security category. CrowdStrike Falcon seems to have the upper hand due to its flexible cloud-native architecture which offers real-time threat detection and response, resulting in improved threat management efficiency.

Features: CrowdStrike Falcon provides real-time threat detection, the OverWatch service for continuous monitoring, and robust machine learning capabilities. These features ensure high efficacy in threat prevention and remediation. VMware Carbon Black Endpoint offers in-depth threat visibility, comprehensive forensic analysis capabilities, and an active endpoint firewall, enhancing its security posture.

Room for Improvement: CrowdStrike Falcon could enhance its forensic capabilities, streamline its reporting system, and improve offline scanning. Users also desire more intuitive dashboards and deeper integration with Active Directory. VMware Carbon Black Endpoint users face deployment stability issues, require better support for mobile devices, and demand faster customer service response times. Additionally, more streamlined configuration and management are needed.

Ease of Deployment and Customer Service: CrowdStrike Falcon offers a straightforward setup process with extensive support options. Users value the responsive technical support although some initially struggle with navigation. VMware Carbon Black Endpoint faces a complex deployment process, particularly in hybrid environments, and users call for faster response times and clearer communication during issue resolution.

Pricing and ROI: CrowdStrike Falcon is priced at a premium, justified by its extensive features and cost avoidance benefits through improved threat management, offering flexible licensing to suit various needs. VMware Carbon Black Endpoint is typically priced higher within the market but is valued for its comprehensive security features. Customers, however, express concerns over restrictive licensing terms, particularly affecting smaller deployments. Both products deliver ROI through enhanced security measures, though Falcon is praised more for cost reduction in threat management.

To learn more, read our detailed CrowdStrike Falcon vs. VMware Carbon Black Endpoint Report (Updated: December 2024).

Buyer's Guide

CrowdStrike Falcon vs. VMware Carbon Black Endpoint

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

CrowdStrike Falcon

Ranking in Endpoint Protection Platform (EPP)

3rd

Ranking in Endpoint Detection and Response (EDR)

1st

Ranking in Ransomware Protection

1st

Average Rating

8.6

Reviews Sentiment

7.4

Number of Reviews

122

Ranking in other categories

Security Information and Event Management (SIEM) (6th), Identity Management (IM) (6th), Threat Intelligence Platforms (2nd), Active Directory Management (2nd), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (2nd)

VMware Carbon Black Endpoint

Ranking in Endpoint Protection Platform (EPP)

18th

Ranking in Endpoint Detection and Response (EDR)

15th

Ranking in Ransomware Protection

4th

Average Rating

7.8

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Security Incident Response (1st)

Mindshare comparison

As of December 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of CrowdStrike Falcon is 11.0%, up from 8.8% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 2.0%, down from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Chintan-Vyas

Associate Director at KPMG

Easy to set up with good behavior-based analysis but needs a single-click recovery option

Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Read full review

Matthew Weisler

Sole Proprietor at Core-Infosec

Great granularity for policies or applications without needing hash values

The solution is cloud based which makes it easy to use for remote devices or work-at-home situations. The solution supports full trust or signature-based approvals. You can get very granular and band out policies or applications without having to do hash values. You can band through the entire environment by execution of the name or desk IDXE. This can be achieved on the policy side because of the signature, IOC, or naming convention itself. This is very effective for pushing more blockage or removing threats across the board. The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation. This is useful for monitoring several different companies in a workspace or workbook-type format. For example, I report and send out mass emails from a clickable button in an Excel workbook. The APIs all exist for each client. I push out automatic endpoint monitoring and reports every single day at a particular time, with a simple clickable button that serves as a scheduled task for fifty clients.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features."

"Its integration capability is valuable. It integrates easily with any OS."

"The most valuable features are the complete IPS and IDS."

"Scalability hasn't been an issue for us."

"Falcon has the capacity to identify potential problems quickly. The administrator can deploy the agent, and the users cannot change it. This assures you that the agent remains on this device. Also, the agent can act preemptively to provide alerts about potential problems."

"The solution can scale easily."

"The UI is simple and self-explanatory. Everything is easy to understand."

"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."

More CrowdStrike Falcon pros

"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."

"I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."

"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."

"I like the historical features, interface, and integration."

"The new feature that we're deploying, the new offering from Carbon Black, is MDR, which stands for manage, detect, and response. It's the most valuable feature because Carbon Black will be continuously checking the logs, and they will be advising us on how to improve some of the policies as well as review the logs. If there are any nefarious agents or things happening on the end points, they will know."

"I feel that the initial setup was straightforward and not complex."

"The visibility provided has been great."

"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."

More VMware Carbon Black Endpoint pros

Cons

"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."

"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."

"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."

"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."

"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."

"Too many false positives."

"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."

"One thing that is not yet available is attack simulation."

More CrowdStrike Falcon cons

"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."

"The solution needs better overall compatibility with other products."

"The product's reporting capabilities are an area of concern where improvements are required."

"I would like to see the user credentials feature improved. I would also like to see more reporting features and better ways to roll the reports out."

"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."

"The initial setup is complex."

"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."

"It is difficult to extract reports for ongoing scans"

More VMware Carbon Black Endpoint cons

Pricing and Cost Advice

"The price is fixed with no room for negotiation."

"The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end users PC and we can tell if it's something that we actually need or something that's malicious."

"We pay between $30-50 per user for a yearly license, which is more expensive than SentinelOne or Bitdefender. However, CrowdStrike gives better value for money."

"The licensing model is straightforward. We choose the features we want and we then can download the package we want."

"The more endpoints an organization adds the cheaper the cost."

"CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team."

"The pricing and licensing are fairly good. It is definitely not a cheap product, but I have felt that it is worth the money that we spent. So, we have discussed it in the past, and were like, "Yes, it is probably pricier than some other solutions, but we also feel they really are the leader. We are very comfortable with their level of expertise. So, it's kind of worth the price that we pay.""

"We are at about $60,000 per year."

More CrowdStrike Falcon pricing and cost advice

"I am not really involved in the pricing of this product. But, from my understanding, it is OK for us."

"The cost/benefit factor has great relevance in Cb Defense implementations."

"The pricing is very high."

"VMware Carbon Black Endpoint is an expensive product."

"The price for the solution is completely at government level, meaning one which is very high."

"The product’s price is less expensive than other vendors."

"The product is quite reasonable."

"The license is annual. It's a standard license."

More VMware Carbon Black Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

10%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

See all answers

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

See all answers

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

See all answers

Comparisons

Microsoft Defender XDR vs CrowdStrike Falcon

Compared 6% of the time

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 5% of the time

Darktrace vs CrowdStrike Falcon

Compared 4% of the time

Kaspersky Endpoint Detection and Response vs CrowdStrike Falcon

Compared 4% of the time

Symantec Endpoint Security vs CrowdStrike Falcon

Compared 3% of the time

More CrowdStrike Falcon Competitors

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 14% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 8% of the time

Trellix Endpoint Security vs VMware Carbon Black Endpoint

Compared 8% of the time

Trend Micro Deep Security vs VMware Carbon Black Endpoint

Compared 7% of the time

Symantec Endpoint Security vs VMware Carbon Black Endpoint

Compared 6% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Buyer's Guide

CrowdStrike Falcon

December 2024

Download CrowdStrike Falcon product report

Buyer's Guide

VMware Carbon Black Endpoint

November 2024

Download VMware Carbon Black Endpoint product report

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface

Carbon Black CB Defense, Bit9, Confer

Learn More

CrowdStrike

VMware

Overview

CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.

CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features, although some users highlight high pricing, occasional detection delays, and challenges with integration. Frequent alerts and the mobile app's performance are areas for improvement.

What are the key features of CrowdStrike Falcon?

Real-time Threat Detection: Provides immediate threat identification and response.
Lightweight Agent: Minimal impact on system performance.
Cloud-native Architecture: Ensures flexibility and scalability.
Advanced AI Capabilities: Enhances threat detection and prevention.
Comprehensive Endpoint Visibility: Complete insight into endpoint activities.
Detailed Reporting: Facilitates compliance and forensic analysis.
Security Tool Integration: Seamless integration with other tools.
Efficient Customer Support: Robust support services.

What are the benefits or ROI of CrowdStrike Falcon?

Improved Threat Detection: Identifies sophisticated threats, reducing risk.
Enhanced System Performance: Lightweight agent ensures minimal disruption.
Faster Response Times: Swift reaction to incidents minimizes damage.
Better Compliance: Detailed logs meet regulatory requirements.
Streamlined Deployment: Easy to implement with minimal downtime.

In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?

Intelligent learning: Improves detection capabilities over time.
Whitelisting: Allows only approved applications to run.
Integration with other security tools: Enhances overall security posture.
Centralized cloud control: Manages endpoints from a single interface.
Command shell access: Offers deeper investigation capabilities.
Dynamic grouping: Facilitates organized endpoint management.
Simplified policy management: Streamlines security policy implementation.
API for system remoting: Allows remote system access and management.
Twenty-four-seven support: Provides continuous assistance and response.

What are the benefits of VMware Carbon Black Endpoint?

Real-time monitoring: Offers constant vigilance against threats.
Threat hunting: Identifies and mitigates threats proactively.
Historical data analysis: Assists in understanding past incidents and patterns.
Improved endpoint protection: Enhances overall endpoint security.
Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

Sample Customers

Information Not Available

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Buyer's Guide

CrowdStrike Falcon vs. VMware Carbon Black Endpoint

December 2024

Free Report: CrowdStrike Falcon vs. VMware Carbon Black Endpoint

Find out what your peers are saying about CrowdStrike Falcon vs. VMware Carbon Black Endpoint and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.

See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.