We use Cb response primarily as our incidence response. Our environment has more than 300 users handling sensitive client information, like financial data and personal identifiable information, so security is a huge concern. When we receive an incident report from our SOC, our first move is to isolate the endpoint, and Cb response does that seamlessly. We are also able to use the product to perform an in-depth binary process analysis to see if there were any suppressed malicious services.
Technical Support Specialist at a financial services firm
We are able to remotely isolate exploited endpoints in seconds
Pros and Cons
- "We are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts."
- "The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."
- "The threat intelligence feed could use some fine tweaking."
- "We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds."
What is our primary use case?
How has it helped my organization?
Cb Response is our primary incident response tool. With this product in our hands, we are able to remotely isolate exploited endpoints in seconds and perform a live deep dive of any endpoint into its running processes (as necessary) without the need for extra scripts.
What is most valuable?
The ability to isolate an endpoint with only the host name and a click of a button is a major time saver. No need to go hunting for an IP or typing in terminal.
What needs improvement?
The threat intelligence feed could use some fine tweaking. We are subscribed to FS-ISAC threat indicator, but have been unsuccessful in adding it to our alliance feeds. So, rather than Cb Response being able to pull the data from the feed, we have to manually blacklist MD5 hashes.
Buyer's Guide
VMware Carbon Black Cloud
November 2024
Learn what your peers think about VMware Carbon Black Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
Less than one year.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SOC Analyst at a tech services company with 201-500 employees
Automatically detects many viruses, malware, and other threats on our network
Pros and Cons
- "They're highly stable in comparison with other solutions I have."
- "The dashboard should be more user-friendly."
What is our primary use case?
I did some tests when they came out with the solution because my manager wants an assessment with Carbon Black. I tested the solution for two weeks. It was good.
How has it helped my organization?
The tools are good. Carbon Black detects many threats, and problems for me.
What needs improvement?
The dashboard should be more user-friendly. The additional features I would like to see included in the next release are better analytics and report generation.
For how long have I used the solution?
I have been using Carbon Black less than one year.
What do I think about the stability of the solution?
They're highly stable in comparison with other solutions I have.
What do I think about the scalability of the solution?
The scalability, in my testing, is very good.
How are customer service and technical support?
The support with the platform by Carbon Black is good. I don't have a problem with it.
How was the initial setup?
The initial setup was very easy.
What about the implementation team?
We used an integrator company for the setup.
Which other solutions did I evaluate?
Carbon Black is the leader in the market on many web boards.
What other advice do I have?
On a scale from one to ten, I would rate Carbon Black CB Response at a nine. They should improve the dashboard and provide more helpful tools.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free VMware Carbon Black Cloud Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
VMware Carbon Black Endpoint
IBM Resilient
Buyer's Guide
Download our free VMware Carbon Black Cloud Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Carbon Black and Cylance Comparison for EDR
- What's the difference between Carbon Black CB Response and Carbon Black CB Defense?
- What are the pros and cons of internal SOC vs SOC-as-a-Service?
- What are the Top 5 cybersecurity trends in 2022?
- How do you decide about the alert severity in your Security Operations Center (SOC)?
- What is the difference between cyber resilience and business continuity?
- What is the difference between mitigation and remediation in incident response?
- What does the Log4j/Log4Shell vulnerability mean for your company?
- What is an incident response playbook and how is it used in SOAR?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?