NetWitness NDR vs VMware Carbon Black Endpoint comparison

NetWitness and VMware are both solutions in the Endpoint Protection Platform (EPP) category. NetWitness is ranked #58, while VMware is ranked #20 with an average rating of 7.7. NetWitness holds a 0.2% mindshare in EPP, compared to VMware’s 1.9% mindshare. Additionally, 87% of NetWitness users are willing to recommend the solution, compared to 88% of VMware users who would recommend it.

NetWitness NDR

Read 15 NetWitness NDR reviews

635 Views
495 Comparison Views

87% willing to recommend

VMware Carbon Black Endpoint

Read 63 VMware Carbon Black Endpoint reviews

7,366 Views
5,073 Comparison Views

88% willing to recommend

NetWitness NDR

VMware Carbon Black Endpoint

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

VMware Carbon Black Endpoint and NetWitness NDR are leading solutions in endpoint detection and response and network detection and response, respectively. VMware Carbon Black Endpoint is often preferred for its comprehensive threat detection capabilities, while NetWitness NDR stands out for its superior network visibility and data insights.

Features: VMware Carbon Black Endpoint offers real-time threat monitoring, extensive endpoint control, and rapid threat detection and response capabilities. NetWitness NDR provides in-depth network traffic analysis, robust incident response, and detailed network insights.

Room for Improvement: VMware Carbon Black Endpoint could benefit from better integration with other security tools, enhancements in system performance, and a more intuitive user interface. NetWitness NDR needs improvements in scalability, advanced analytics capabilities, and easier setup procedures.

Ease of Deployment and Customer Service: VMware Carbon Black Endpoint is noted for its straightforward deployment and strong customer support services. NetWitness NDR, while offering flexible deployment options, receives feedback for needing more responsive customer service and simpler installation processes.

Pricing and ROI: VMware Carbon Black Endpoint is viewed as competitively priced, with users reporting satisfactory ROI due to its robust features. NetWitness NDR, despite its higher cost, is considered to offer good ROI because of its advanced network detection capabilities, justifying the investment for its comprehensive insights.

To learn more, read our detailed NetWitness NDR vs. VMware Carbon Black Endpoint Report (Updated: January 2025).

Buyer's Guide

NetWitness NDR vs. VMware Carbon Black Endpoint

January 2025

Download the complete report

Helped 831,265 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

8.0

Implementing NetWitness NDR enhances security, improves network visibility, reduces costs, and boosts efficiency and productivity for businesses.

Sentiment score

7.1

Users reported significant ROI with VMware Carbon Black Endpoint, citing reduced malware and ransomware incidents, and 10% cost savings.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Customer Service

Sentiment score

7.3

NetWitness NDR's customer service is generally efficient and highly regarded, though some users report occasional slow response times.

Sentiment score

6.4

VMware Carbon Black Endpoint support is generally praised as effective and knowledgeable, but some report delays and issues with tiered support.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Scalability Issues

Sentiment score

7.0

NetWitness NDR is scalable for large enterprises, though some users report issues with scalability and agent migration.

Sentiment score

7.5

VMware Carbon Black Endpoint is highly scalable and adaptable for various enterprises, praised for ease of adding tenants and managing environments.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Stability Issues

Sentiment score

7.7

NetWitness NDR is generally reliable, providing real-time data and stability, though minor technical issues are occasionally reported.

Sentiment score

7.6

VMware Carbon Black Endpoint is stable, lightweight, reliable, and highly rated, though minor issues with sensors and updates occasionally occur.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Room For Improvement

NetWitness NDR requires improvements in UI, scalability, detectability, integration, session times, pricing, training, and features, making it complex and slow.

VMware Carbon Black Endpoint struggles with mobile support, complex UI, performance issues, inadequate reporting, and insufficient third-party integration.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Setup Cost

VMware Carbon Black Endpoint licensing is seen as expensive and inflexible, with prices ranging from $15 to $7,000 per node.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Valuable Features

NetWitness NDR offers high detection rates, real-time malware response, third-party integration, and a user-friendly, interoperable interface with advanced analytics.

VMware Carbon Black Endpoint offers robust remote security with intuitive real-time detection, AI-driven threat response, and centralized cloud control.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Categories and Ranking

NetWitness NDR

Ranking in Endpoint Protection Platform (EPP)

58th

Ranking in Endpoint Detection and Response (EDR)

60th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Threat Intelligence Platforms (33rd), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (34th)

VMware Carbon Black Endpoint

Ranking in Endpoint Protection Platform (EPP)

20th

Ranking in Endpoint Detection and Response (EDR)

15th

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Security Incident Response (1st), Ransomware Protection (4th)

Mindshare comparison

As of January 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of NetWitness NDR is 0.2%, up from 0.2% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 1.9%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Beneficial single unified dashboard, good native application integration, and high availability

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Read full review

Matthew Weisler

Sole Proprietor at Core-Infosec

Great granularity for policies or applications without needing hash values

The solution is cloud based which makes it easy to use for remote devices or work-at-home situations. The solution supports full trust or signature-based approvals. You can get very granular and band out policies or applications without having to do hash values. You can band through the entire environment by execution of the name or desk IDXE. This can be achieved on the policy side because of the signature, IOC, or naming convention itself. This is very effective for pushing more blockage or removing threats across the board. The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation. This is useful for monitoring several different companies in a workspace or workbook-type format. For example, I report and send out mass emails from a clickable button in an Excel workbook. The APIs all exist for each client. I push out automatic endpoint monitoring and reports every single day at a particular time, with a simple clickable button that serves as a scheduled task for fifty clients.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

831,265 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

15%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

10%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Ask a question

Earn 20 points

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

See all answers

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

See all answers

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

See all answers

Comparisons

Darktrace vs NetWitness NDR

Compared 15% of the time

Vectra AI vs NetWitness NDR

Compared 14% of the time

Fidelis Elevate vs NetWitness NDR

Compared 11% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 9% of the time

Corelight vs NetWitness NDR

Compared 9% of the time

More NetWitness NDR Competitors

CrowdStrike Falcon vs VMware Carbon Black Endpoint

Compared 15% of the time

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 15% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 9% of the time

Trellix Endpoint Security vs VMware Carbon Black Endpoint

Compared 9% of the time

Trend Micro Deep Security vs VMware Carbon Black Endpoint

Compared 8% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Buyer's Guide

NetWitness NDR

January 2025

Download NetWitness NDR product report

Buyer's Guide

VMware Carbon Black Endpoint

December 2024

Download VMware Carbon Black Endpoint product report

Also Known As

RSA ECAT, NetWitness Network

Carbon Black CB Defense, Bit9, Confer

Learn More

Video not available

NetWitness

VMware

Overview

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?

Intelligent learning: Improves detection capabilities over time.
Whitelisting: Allows only approved applications to run.
Integration with other security tools: Enhances overall security posture.
Centralized cloud control: Manages endpoints from a single interface.
Command shell access: Offers deeper investigation capabilities.
Dynamic grouping: Facilitates organized endpoint management.
Simplified policy management: Streamlines security policy implementation.
API for system remoting: Allows remote system access and management.
Twenty-four-seven support: Provides continuous assistance and response.

What are the benefits of VMware Carbon Black Endpoint?

Real-time monitoring: Offers constant vigilance against threats.
Threat hunting: Identifies and mitigates threats proactively.
Historical data analysis: Assists in understanding past incidents and patterns.
Improved endpoint protection: Enhances overall endpoint security.
Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

Sample Customers

ADP, Ameritas, Partners Healthcare

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America

Buyer's Guide

NetWitness NDR vs. VMware Carbon Black Endpoint

January 2025

Free Report: NetWitness NDR vs. VMware Carbon Black Endpoint

Find out what your peers are saying about NetWitness NDR vs. VMware Carbon Black Endpoint and other solutions. Updated: January 2025.

DOWNLOAD NOW

831,265 professionals have used our research since 2012.

See our NetWitness NDR vs. VMware Carbon Black Endpoint report.

See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.