Trellix Endpoint Detection and Response (EDR) vs VMware Carbon Black Endpoint comparison

Trellix Endpoint Detection and Response (EDR) vs. VMware Carbon Black Endpoint

January 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.8

Trellix EDR offers improved security and compliance but has mixed reviews on cost-effectiveness and management needs.

Sentiment score

7.1

Users reported significant ROI with VMware Carbon Black Endpoint, citing reduced malware and ransomware incidents, and 10% cost savings.

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Customer Service

Sentiment score

8.1

Trellix EDR customer service quality is inconsistent, with mixed reviews on response times, language barriers, and support effectiveness.

Sentiment score

6.4

VMware Carbon Black Endpoint support is generally praised as effective and knowledgeable, but some report delays and issues with tiered support.

I have contracted support and also have an operating control so I can get various types of support.

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Scalability Issues

Sentiment score

7.5

Trellix EDR provides scalable solutions for businesses of all sizes, despite some concerns about operational issues and performance.

Sentiment score

7.5

VMware Carbon Black Endpoint is highly scalable and adaptable for various enterprises, praised for ease of adding tenants and managing environments.

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Stability Issues

Sentiment score

7.6

Trellix EDR is praised for stability and performance, but some browser and deployment issues have been noted.

Sentiment score

7.6

VMware Carbon Black Endpoint is stable, lightweight, reliable, and highly rated, though minor issues with sensors and updates occasionally occur.

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Room For Improvement

Trellix EDR needs enhanced performance, integration, user interface, historical search, and streamlined management for better user experience.

VMware Carbon Black Endpoint struggles with mobile support, complex UI, performance issues, inadequate reporting, and insufficient third-party integration.

I am seeing, for workflows, some sort of ethical hacking to test our environment.

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Setup Cost

Trellix EDR pricing starts at $25,000, offers flexibility for startups, but advanced features and retention fees can increase costs.

VMware Carbon Black Endpoint licensing is seen as expensive and inflexible, with prices ranging from $15 to $7,000 per node.

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Valuable Features

Trellix Endpoint Detection and Response provides scalable, automated cybersecurity with real-time monitoring, threat visualization, and seamless integration capabilities.

VMware Carbon Black Endpoint offers robust remote security with intuitive real-time detection, AI-driven threat response, and centralized cloud control.

I have spent efforts on training our managers and others - what can software do if the knowledge base is low?

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

No quotes available

For more quotes and insights, download the VMware Carbon Black Endpoint report

Categories and Ranking

Trellix Endpoint Detection ...

Ranking in Endpoint Detection and Response (EDR)

24th

Average Rating

7.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

No ranking in other categories

VMware Carbon Black Endpoint

Ranking in Endpoint Detection and Response (EDR)

15th

Average Rating

7.8

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (21st), Security Incident Response (1st), Ransomware Protection (4th)

Mindshare comparison

As of February 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Trellix Endpoint Detection and Response (EDR) is 0.9%, up from 0.5% compared to the previous year. The mindshare of VMware Carbon Black Endpoint is 2.0%, down from 3.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

Enhancements needed for security alerts while ongoing training strengthens defenses

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment. Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.

Read full review

Matthew Weisler

Sole Proprietor at Core-Infosec

Great granularity for policies or applications without needing hash values

The solution is cloud based which makes it easy to use for remote devices or work-at-home situations. The solution supports full trust or signature-based approvals. You can get very granular and band out policies or applications without having to do hash values. You can band through the entire environment by execution of the name or desk IDXE. This can be achieved on the policy side because of the signature, IOC, or naming convention itself. This is very effective for pushing more blockage or removing threats across the board. The solution has a very nice API on the back end for remoting into a system and executing scripts or utilizing self automation. This is useful for monitoring several different companies in a workspace or workbook-type format. For example, I report and send out mass emails from a clickable button in an Excel workbook. The APIs all exist for each client. I push out automatic endpoint monitoring and reports every single day at a particular time, with a simple clickable button that serves as a scheduled task for fifty clients.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Government

12%

Financial Services Firm

11%

Manufacturing Company

10%

Computer Software Company

15%

Financial Services Firm

10%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about McAfee MVISION Endpoint Detection and Response?

Trellix has a user-friendly interface.

What is your experience regarding pricing and costs for McAfee MVISION Endpoint Detection and Response?

I haven't had any really great problems with pricing in the past two or three years.

What needs improvement with McAfee MVISION Endpoint Detection and Response?

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

What do you like most about Carbon Black CB Defense?

VMware Carbon Black Endpoint is a highly stable solution.

Trellix Endpoint Security (ENS) vs Trellix Endpoint Detection and Response (EDR)

Comparisons

Compared 52% of the time

CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR)

Compared 15% of the time

Microsoft Defender for Endpoint vs Trellix Endpoint Detection and Response (EDR)

Compared 7% of the time

Trend Vision One vs Trellix Endpoint Detection and Response (EDR)

Compared 5% of the time

Trellix Active Response vs Trellix Endpoint Detection and Response (EDR)

Compared 5% of the time

More Trellix Endpoint Detection and Response (EDR) Competitors

CrowdStrike Falcon vs VMware Carbon Black Endpoint

Compared 15% of the time

Microsoft Defender for Endpoint vs VMware Carbon Black Endpoint

Compared 15% of the time

SentinelOne Singularity Complete vs VMware Carbon Black Endpoint

Compared 10% of the time

Trellix Endpoint Security vs VMware Carbon Black Endpoint

Compared 9% of the time

Trend Micro Deep Security vs VMware Carbon Black Endpoint

Compared 8% of the time

More VMware Carbon Black Endpoint Competitors

Product Reports

Trellix Endpoint Detection and Response (EDR)

February 2025

Trellix Endpoint Detection and Response (EDR) report

Download Trellix Endpoint Detection and Response (EDR) product report

VMware Carbon Black Endpoint

February 2025

Download VMware Carbon Black Endpoint product report

Also Known As

McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response

Carbon Black CB Defense, Bit9, Confer

Overview

Reduce Alert Noise

Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.

Do More with Existing Resources

Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.

Low-Maintenance Cloud Solution

Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.

Trellix

VMware Carbon Black Endpoint provides comprehensive endpoint security against ransomware, spyware, malware, and viruses, catering to both cloud and on-premise environments.

VMware Carbon Black Endpoint facilitates endpoint detection and response, threat hunting, application control, antivirus support, and protection for virtual and physical machines. Features include intelligent learning, whitelisting, and integration with other security tools, making it suitable for distributors, MSPs, and enterprises seeking advanced threat defense and real-time monitoring. With its capability to detect and stop malicious executables, it supports both offline and online environments and offers tools like command shell access for deeper investigation.

What are the key features of VMware Carbon Black Endpoint?

Intelligent learning: Improves detection capabilities over time.
Whitelisting: Allows only approved applications to run.
Integration with other security tools: Enhances overall security posture.
Centralized cloud control: Manages endpoints from a single interface.
Command shell access: Offers deeper investigation capabilities.
Dynamic grouping: Facilitates organized endpoint management.
Simplified policy management: Streamlines security policy implementation.
API for system remoting: Allows remote system access and management.
Twenty-four-seven support: Provides continuous assistance and response.

What are the benefits of VMware Carbon Black Endpoint?

Real-time monitoring: Offers constant vigilance against threats.
Threat hunting: Identifies and mitigates threats proactively.
Historical data analysis: Assists in understanding past incidents and patterns.
Improved endpoint protection: Enhances overall endpoint security.
Enhanced threat detection: Reduces exposure to advanced threats.

VMware Carbon Black Endpoint is implemented across various industries including technology, healthcare, and finance. Organizations utilize it in cloud and hybrid environments, enhancing their security frameworks with real-time monitoring, intelligent learning, and robust threat detection capabilities tailored to their specific industry needs.

VMware

Sample Customers

Sutherland Global Services

Netflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research America