Try our new research platform with insights from 80,000+ expert users

ServiceNow Security Operations vs VMware Carbon Black Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 2, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ServiceNow Security Operations
Ranking in Security Incident Response
2nd
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
20
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (8th), Risk-Based Vulnerability Management (10th)
VMware Carbon Black Endpoint
Ranking in Security Incident Response
1st
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
63
Ranking in other categories
Endpoint Protection Platform (EPP) (21st), Endpoint Detection and Response (EDR) (15th), Ransomware Protection (5th)
 

Mindshare comparison

As of April 2025, in the Security Incident Response category, the mindshare of ServiceNow Security Operations is 19.2%, up from 12.6% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 7.7%, down from 20.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Incident Response
 

Featured Reviews

KishoreKumar4 - PeerSpot reviewer
A low-cost and open-source tool for incident and change management
If we encounter challenges while deploying, we raise incidents. These incidents are categorized by priority: high, medium, and low. We assign an incident number and notify the relevant teams to address the issue. For instance, if we experience a problem with Cloud services or any other issue, we…
Nikunj Kamboj - PeerSpot reviewer
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it. The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization. Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"My favorite feature is the application vulnerability scanner."
"The ease of use is great."
"The product has a very simple UI."
"It has helped optimize security costs by consolidating multiple tools into one platform."
"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."
"Multiple projects use the ServiceNow tool because it is a low-cost and open-source tool."
"The SOAR module of ServiceNow Security Operations is the most valuable feature"
"The solution is available over the cloud and is easy to manage."
"VMware Carbon Black Endpoint is a highly stable solution."
"I like the historical features, interface, and integration."
"What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process."
"Technical support is excellent."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"The product enables device controls, helping us protect the devices and prevent data leakages."
"CB Defense is more powerful, and you can take more actions than others. Its security features and signatures are constantly updated, so it is more effective than other security solutions."
"For Carbon Black Endpoint, the possibility of integration with different other software's log servers is the important thing. Having just one point of view is more interesting so you don't need to go to different places to see all the information."
 

Cons

"They should stick to the roadmap and continue to build plugins and integrations with other third parties, enhance the UI, and enhance the reporting. It's all good. They should just continue enhancing the releases."
"The product is called SecOps, but it is not security operations in terms of SIEM solutions."
"It is challenging for the customers to understand the processes for SecOps. It needs to be simplified."
"The threat intelligence module needs a better dashboard."
"It's very slow. When you click a button or update a field, it takes forever to actually react."
"The initial setup is difficult."
"We'd like customization to be easier in terms of the UI and using the dashboards."
"There is room for improvement in terms of developer support and documentation."
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
"The pricing could be more reasonable."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"They will most likely need to create or include a feature that checks the network."
"Adding an application and a device control feature would be a great help for this solution."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"The tech support communicates, but it's just not with movement."
 

Pricing and Cost Advice

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."
"This product is a good value for the money."
"It is an expensive product."
"The product is more expensive than other solutions."
"Compared to competitor tools, ServiceNow Security Operations is more affordable"
"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."
"CB Defense is available on a yearly subscription and is priced by the number of endpoints."
"Carbon Black provides competitive pricing."
"VMware Carbon Black Endpoint is an expensive product."
"It is more expensive, but it's worth it. There are no additional costs beyond the standard licensing fee."
"The cost is a considerable factor, but the benefit factor is the most important. When you compare it with other products, the price is high. Carbon Black will negotiate the price."
"The pricing [is] more or less the same as other similar solutions."
"This is a really expensive product and we pay licensing fees on a yearly basis."
"Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide."
report
Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Manufacturing Company
11%
Computer Software Company
9%
Government
8%
Computer Software Company
15%
Financial Services Firm
11%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about ServiceNow Security Operations?
The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product.
What is your experience regarding pricing and costs for ServiceNow Security Operations?
The product is more expensive than other solutions like Archer but offers more features, making the pricing justifiable.
What needs improvement with ServiceNow Security Operations?
Report generation within ServiceNow can take some time. Additionally, there are occasional issues when raising a ticket, which can also consume time.
What to choose: an endpoint antivirus, an EDR solution or both?
I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...
What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...
What do you like most about Carbon Black CB Defense?
VMware Carbon Black Endpoint is a highly stable solution.
 

Also Known As

No data available
Carbon Black CB Defense, Bit9, Confer
 

Overview

 

Sample Customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services
Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America
Find out what your peers are saying about ServiceNow Security Operations vs. VMware Carbon Black Endpoint and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.