VMware Carbon Black Cloud and Trellix Active Response compete in the advanced threat detection and response category. VMware Carbon Black Cloud seems to have the upper hand in overall user satisfaction due to its features and performance, while Trellix Active Response is preferred for its incident management features and proactive threat hunting.
Features: VMware Carbon Black Cloud users highlight real-time threat detection, automated response capabilities, and automated threat intelligence. Trellix Active Response users value comprehensive incident response, integration with other security tools, and deep incident response features.
Room for Improvement: VMware Carbon Black Cloud could enhance integration with third-party tools, improve user interface intuitiveness, and offer better reporting functionalities. Trellix Active Response could improve analytics and reporting, enhance user experience, and streamline updates and patches.
Ease of Deployment and Customer Service: VMware Carbon Black Cloud users report smooth deployment with occasional complexity in large-scale implementations and generally reliable customer service. Trellix Active Response users mention straightforward deployment but mixed experiences with customer service responsiveness, sometimes faltering in support efficiency.
Pricing and ROI: VMware Carbon Black Cloud users feel it offers good value for its pricing with notable ROI. Trellix Active Response is viewed as more expensive, but users believe the higher cost is justified by its extensive feature set, delivering compelling ROI.
While we haven't yet quantified the financial benefits, we recognize that there has been a return on investment, particularly with operational efficiencies provided by the alerts.
The scalability of Active Response is satisfactory.
We would like Trellix to optimize the technology for these systems similarly to how it is deployed for normal endpoints.
They notify us immediately of any vulnerabilities on the endpoints, allowing us to deploy a response quickly.
Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.
Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.
Target Critical Threats:
Get preconfigured and customizable actions when triggered, so you can target and eliminate threats.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
