Try our new research platform with insights from 80,000+ expert users

Elastic Security vs VMware Carbon Black Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.5
Elastic Security often delivers positive ROI within two years, though user satisfaction and views on cost-effectiveness vary.
Sentiment score
7.1
Users reported significant ROI with VMware Carbon Black Endpoint, citing reduced malware and ransomware incidents, and 10% cost savings.
It does not require hefty security budgets and can be deployed for enterprise security effectively.
 

Customer Service

Sentiment score
6.3
Elastic Security feedback is mixed; users praise community support, yet criticize inconsistent technical support and seek faster solutions.
Sentiment score
6.4
VMware Carbon Black Endpoint support is generally praised as effective and knowledgeable, but some report delays and issues with tiered support.
Most of the time when my team encounters issues, they receive responses within 24 hours.
Support is prompt and helpful.
 

Scalability Issues

Sentiment score
7.3
Elastic Security is scalable and adaptable, suitable for diverse business needs, though skilled personnel are important for effective management.
Sentiment score
7.5
VMware Carbon Black Endpoint is highly scalable and adaptable for various enterprises, praised for ease of adding tenants and managing environments.
It allows us to think about specific use cases, such as gathering malicious IPs in a single view and analyzing threats based on geolocation.
 

Stability Issues

Sentiment score
7.6
Elastic Security is stable and reliable, though challenges arise with big data and real-time usage without proper configuration.
Sentiment score
7.6
VMware Carbon Black Endpoint is stable, lightweight, reliable, and highly rated, though minor issues with sensors and updates occasionally occur.
In terms of stability, I would rate Elastic a solid eight out of ten.
 

Room For Improvement

Elastic Security faces challenges in setup, AI integration, permissions management, user support, and requires improved dashboards and cost-efficiency.
VMware Carbon Black Endpoint struggles with mobile support, complex UI, performance issues, inadequate reporting, and insufficient third-party integration.
CrowdStrike and Defender have more established threat intelligence integration due to having a larger client base.
My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently.
Elastic Security consumes a lot of resources, requiring a substantial deployment setup.
 

Setup Cost

Elastic Security offers a free open-source option with enterprise features based on usage, making it cost-effective for enterprises.
VMware Carbon Black Endpoint licensing is seen as expensive and inflexible, with prices ranging from $15 to $7,000 per node.
This is beneficial for SMEs as they do not need extensive budgets for security solutions.
The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building their security infrastructure.
Elastic Security is considered cost-effective, especially at lower EPS levels.
 

Valuable Features

Elastic Security is praised for fast search, scalability, machine learning, customization, integration, and user-friendly, cost-effective features.
VMware Carbon Black Endpoint offers robust remote security with intuitive real-time detection, AI-driven threat response, and centralized cloud control.
The platform provides more visibility and requires less effort in monitoring.
Elastic Security is as flexible and configurable as Microsoft Sentinel.
We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data.
 

Categories and Ranking

Elastic Security
Ranking in Endpoint Detection and Response (EDR)
16th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
64
Ranking in other categories
Log Management (7th), Security Information and Event Management (SIEM) (5th), Security Orchestration Automation and Response (SOAR) (6th), Extended Detection and Response (XDR) (8th)
VMware Carbon Black Endpoint
Ranking in Endpoint Detection and Response (EDR)
15th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
63
Ranking in other categories
Endpoint Protection Platform (EPP) (21st), Security Incident Response (1st), Ransomware Protection (5th)
 

Mindshare comparison

As of March 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Elastic Security is 2.4%, up from 2.2% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.9%, down from 3.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Gajewski Marek - PeerSpot reviewer
Provides good anomaly detection and connectivity reporting
We previously used Splunk but switched to Elastic Security because Splunk was more expensive. Feature-wise, both tools are pretty much the same. They have almost the same functions. Elastic Security has a much better AI assistant that allows you to ask questions like a normal person. With Elastic Security, I can also predict the price and how much it will cost. Splunks's pricing depends on how much data we use and the different add-ons I have to add. The pricing is much better with Elastic Security.
Nikunj Kamboj - PeerSpot reviewer
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
842,690 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Government
10%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
15%
Financial Services Firm
11%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Elastic Security is considered cost-effective, especially at lower EPS levels. However, a direct comparison was not made due to different pricing structures.
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.
 

Also Known As

Elastic SIEM, ELK Logstash
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about Elastic Security vs. VMware Carbon Black Endpoint and other solutions. Updated: March 2025.
842,690 professionals have used our research since 2012.