CrowdStrike Falcon vs VMware Carbon Black Endpoint comparison

CrowdStrike and VMware are both solutions in the Endpoint Protection Platform (EPP) category. CrowdStrike is ranked #3 with an average rating of 8.8, while VMware is ranked #18 with an average rating of 7.7. CrowdStrike holds a 11.1% mindshare in EPP, compared to VMware’s 1.9% mindshare. Additionally, 97% of CrowdStrike users are willing to recommend the solution, compared to 88% of VMware users who would recommend it.

CrowdStrike Falcon

Read 122 CrowdStrike Falcon reviews

29,731 Views
22,379 Comparison Views

97% willing to recommend

VMware Carbon Black Endpoint

Read 63 VMware Carbon Black Endpoint reviews

7,867 Views
5,334 Comparison Views

88% willing to recommend

CrowdStrike Falcon

VMware Carbon Black Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 1, 2024

CrowdStrike Falcon and VMware Carbon Black Endpoint compete in the endpoint security category. CrowdStrike Falcon seems to have the upper hand due to its flexible cloud-native architecture which offers real-time threat detection and response, resulting in improved threat management efficiency.

Features: CrowdStrike Falcon provides real-time threat detection, the OverWatch service for continuous monitoring, and robust machine learning capabilities. These features ensure high efficacy in threat prevention and remediation. VMware Carbon Black Endpoint offers in-depth threat visibility, comprehensive forensic analysis capabilities, and an active endpoint firewall, enhancing its security posture.

Room for Improvement: CrowdStrike Falcon could enhance its forensic capabilities, streamline its reporting system, and improve offline scanning. Users also desire more intuitive dashboards and deeper integration with Active Directory. VMware Carbon Black Endpoint users face deployment stability issues, require better support for mobile devices, and demand faster customer service response times. Additionally, more streamlined configuration and management are needed.

Ease of Deployment and Customer Service: CrowdStrike Falcon offers a straightforward setup process with extensive support options. Users value the responsive technical support although some initially struggle with navigation. VMware Carbon Black Endpoint faces a complex deployment process, particularly in hybrid environments, and users call for faster response times and clearer communication during issue resolution.

Pricing and ROI: CrowdStrike Falcon is priced at a premium, justified by its extensive features and cost avoidance benefits through improved threat management, offering flexible licensing to suit various needs. VMware Carbon Black Endpoint is typically priced higher within the market but is valued for its comprehensive security features. Customers, however, express concerns over restrictive licensing terms, particularly affecting smaller deployments. Both products deliver ROI through enhanced security measures, though Falcon is praised more for cost reduction in threat management.

To learn more, read our detailed CrowdStrike Falcon vs. VMware Carbon Black Endpoint Report (Updated: December 2024).

Buyer's Guide

CrowdStrike Falcon vs. VMware Carbon Black Endpoint

December 2024

Download the complete report

Helped 824,154 peers since 2012

Categories and Ranking

CrowdStrike Falcon

Ranking in Endpoint Protection Platform (EPP)

3rd

Ranking in Endpoint Detection and Response (EDR)

1st

Ranking in Ransomware Protection

1st

Average Rating

8.6

Reviews Sentiment

7.4

Number of Reviews

122

Ranking in other categories

Security Information and Event Management (SIEM) (6th), Identity Management (IM) (6th), Threat Intelligence Platforms (2nd), Active Directory Management (2nd), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (2nd)

VMware Carbon Black Endpoint

Ranking in Endpoint Protection Platform (EPP)

18th

Ranking in Endpoint Detection and Response (EDR)

15th

Ranking in Ransomware Protection

4th

Average Rating

7.8

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Security Incident Response (1st)

Mindshare comparison

As of January 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of CrowdStrike Falcon is 11.1%, up from 8.7% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.9%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Chintan-Vyas

Associate Director at KPMG

Easy to set up with good behavior-based analysis but needs a single-click recovery option

Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Read full review

Matthew Weisler

Sole Proprietor at Core-Infosec

Great granularity for policies or applications without needing hash values

The solution is cloud based which makes it easy to use for remote devices or work-at-home situations. The solution supports full trust or signature-based approvals. You can get very granular and band out policies or applications without having to do hash values. You can band through the entire environment by execution of the name or desk IDXE. This can be achieved on the policy side because of the signature, IOC, or naming convention itself. This is very effective for pushing more blockage or removing threats across the board. The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation. This is useful for monitoring several different companies in a workspace or workbook-type format. For example, I report and send out mass emails from a clickable button in an Excel workbook. The APIs all exist for each client. I push out automatic endpoint monitoring and reports every single day at a particular time, with a simple clickable button that serves as a scheduled task for fifty clients.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."

"The product's deployment phase is easy."

"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."

"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."

"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."

"It's given me a level of confidence that my network is secure."

"The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features."

"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."

More CrowdStrike Falcon pros

"The most valuable asset is the time-lining capability for any breach activity."

"The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."

"Carbon Black Cb Defense improved our endpoint level security. It helped to identify endpoint and infrastructure loopholes."

"I found it very valuable as a whole. It is good at detecting anything and has kept us very safe. It is also very easy to use."

"The solution is very useful and easy to handle. You don't need much intervention with this product."

"I like its protection very much. It protects and allows us to lock the environment pretty tightly. Nothing that is not approved through Carbon Black can run in the environment. There is no default. Everything goes through Carbon Black Protect, and everything has to be first approved. Every software is considered to be guilty before prove innocent."

"It actually does some heuristics, and some behavioral analysis."

"Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total."

More VMware Carbon Black Endpoint pros

Cons

"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."

"One thing that is not yet available is attack simulation."

"The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies."

"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."

"CrowdStrike Falcon's GUI requires improvement for user-friendliness."

"Forensic controls have room for improvement."

"The installation process for this software needs to be simplified."

"In the future release of CrowdStrike Falcon, they should add a sandbox feature."

More CrowdStrike Falcon cons

"Right now, Carbon Black CB Defense doesn't support cloud computing and Kubernetes."

"The solution needs expanded endpoint query tools."

"I would personally give the tech support a rating of seven out of ten."

"There could be more knowledge. I think they made a mistake when they took away the Check Point integration, because it provides more automation and also more threat intelligence."

"Sensor deployment requires extensive fine-tuning, and creating deployment packages is time-consuming."

"The solution would be more effective if there was a way to block automatically based on behavior."

"They will most likely need to create or include a feature that checks the network."

"Certain settings have limitations. For example, I cannot manually block some malware activities."

More VMware Carbon Black Endpoint cons

Pricing and Cost Advice

"The licensing model is straightforward. We choose the features we want and we then can download the package we want."

"The pricing on CrowdStrike is per license. It was about $42 per seat yearly."

"Crowdstrike Falcon is relatively cheap."

"Pricing and licensing seem to be in line with what they offer. We are a smaller organization, so pricing is important. Obviously, we would make a business case if it is something we really needed or felt that we needed. So, the pricing is in line with what we are getting from a product standpoint."

"I'm not directly involved in sales, so I can't comment on the exact price, but I know the price decreases the higher the quantity we purchase."

"The cost is usually a challenge in the industry. I think we pay around sixty-eight dollars."

"The pricing is definitely high but you get what you pay for, and it's not so high that it prices itself out of the market."

"As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing."

More CrowdStrike Falcon pricing and cost advice

"VMware Carbon Black Endpoint is an expensive product."

"The cost/benefit factor has great relevance in Cb Defense implementations."

"The solution has almost the same price as other different kinds of infrastructures, but it offers a lot of different features."

"The platform is expensive."

"The pricing is annually based and operates through another department than mine."

"The pricing is very high."

"This is a really expensive product and we pay licensing fees on a yearly basis."

"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."

More VMware Carbon Black Endpoint pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

824,154 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

10%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

See all answers

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

See all answers

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

See all answers

Comparisons

Microsoft Defender XDR vs CrowdStrike Falcon

Compared 6% of the time

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 6% of the time

Kaspersky Endpoint Detection and Response vs CrowdStrike Falcon

Compared 4% of the time

Darktrace vs CrowdStrike Falcon

Compared 4% of the time

Symantec Endpoint Security vs CrowdStrike Falcon

Compared 3% of the time

More CrowdStrike Falcon Competitors

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 15% of the time

Trellix Endpoint Security vs VMware Carbon Black Endpoint

Compared 9% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 9% of the time

Trend Micro Deep Security vs VMware Carbon Black Endpoint

Compared 8% of the time

Symantec Endpoint Security vs VMware Carbon Black Endpoint

Compared 6% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Buyer's Guide

CrowdStrike Falcon

December 2024

Download CrowdStrike Falcon product report

Buyer's Guide

VMware Carbon Black Endpoint

December 2024

Download VMware Carbon Black Endpoint product report

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface

Carbon Black CB Defense, Bit9, Confer

Learn More

CrowdStrike

VMware

Overview

CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.

CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features, although some users highlight high pricing, occasional detection delays, and challenges with integration. Frequent alerts and the mobile app's performance are areas for improvement.

What are the key features of CrowdStrike Falcon?

Real-time Threat Detection: Provides immediate threat identification and response.
Lightweight Agent: Minimal impact on system performance.
Cloud-native Architecture: Ensures flexibility and scalability.
Advanced AI Capabilities: Enhances threat detection and prevention.
Comprehensive Endpoint Visibility: Complete insight into endpoint activities.
Detailed Reporting: Facilitates compliance and forensic analysis.
Security Tool Integration: Seamless integration with other tools.
Efficient Customer Support: Robust support services.

What are the benefits or ROI of CrowdStrike Falcon?

Improved Threat Detection: Identifies sophisticated threats, reducing risk.
Enhanced System Performance: Lightweight agent ensures minimal disruption.
Faster Response Times: Swift reaction to incidents minimizes damage.
Better Compliance: Detailed logs meet regulatory requirements.
Streamlined Deployment: Easy to implement with minimal downtime.

In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?

Intelligent learning: Improves detection capabilities over time.
Whitelisting: Allows only approved applications to run.
Integration with other security tools: Enhances overall security posture.
Centralized cloud control: Manages endpoints from a single interface.
Command shell access: Offers deeper investigation capabilities.
Dynamic grouping: Facilitates organized endpoint management.
Simplified policy management: Streamlines security policy implementation.
API for system remoting: Allows remote system access and management.
Twenty-four-seven support: Provides continuous assistance and response.

What are the benefits of VMware Carbon Black Endpoint?

Real-time monitoring: Offers constant vigilance against threats.
Threat hunting: Identifies and mitigates threats proactively.
Historical data analysis: Assists in understanding past incidents and patterns.
Improved endpoint protection: Enhances overall endpoint security.
Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

Sample Customers

Information Not Available

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Buyer's Guide

CrowdStrike Falcon vs. VMware Carbon Black Endpoint

December 2024

Free Report: CrowdStrike Falcon vs. VMware Carbon Black Endpoint

Find out what your peers are saying about CrowdStrike Falcon vs. VMware Carbon Black Endpoint and other solutions. Updated: December 2024.

DOWNLOAD NOW

824,154 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. VMware Carbon Black Endpoint report.

See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Ransomware Protection vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.