Carbon Black EDR
Editedit
Carbon Black EDR
By Carbon Black
Show rating breakdown
4.4 out of 5 stars
See all 86 Carbon Black EDR reviews
Save to My Lists
Claimed
Claimed
This profile has been claimed by Carbon Black EDR, but it has limited features.
Do you work at Carbon Black EDR? Upgrade your plan to update branding and connect with profile visitors!

Top Rated Carbon Black EDR Alternatives

Todyl Security Platform
(43)
4.7 out of 5
Visit WebsiteNew Tab
SponsoredYou’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Microsoft Defender for Endpoint
(306)
4.4 out of 5
SentinelOne Singularity
(183)
4.7 out of 5
See all Carbon Black EDR Alternatives

Carbon Black EDR Reviews & Product Details - Page 4

Editadmin

Carbon Black EDR Overview

Editedit
What is Carbon Black EDR?

Carbon Black EDR is a market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Carbon Black EDR makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Carbon Black EDR also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement. Continuous and Centralized Recording Centralized access to continuously recorded endpoint data means that security professionals have the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred. Live Response for Remote Remediation With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world. Attack Chain Visualization and Search Carbon Black EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps and learn from every new attack technique to avoid falling victim to the same attack twice. Automation via Integrations and Open APIs Carbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Carbon Black EDR into their existing security stack.

Carbon Black EDR Details
Discussions
Carbon Black EDR Community
Languages Supported
English
Show LessShow More
Product Description

Carbon Black EDR is an incident response and threat hunting solution designed for security teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores comprehensive endpoint activity data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. Top SOC teams, IR firms and MSSPs have adopted Carbon Black EDR as a core component of their detection and response capability stack. Carbon Black EDR is available via MSSP or directly via on-premises deployment, virtual private cloud or software as a service.

How do you position yourself against your competitors?

Carbon Black EDR benefits security teams by providing faster end-to-end response and remediation, accelerated IR and threat hunting with continuous endpoint visibility, rapid identification of attacker activities and root cause, remote access to infected endpoints for in-depth investigation, better protection from future attacks through automated hunting, and unlimited retention and scale for the largest installations. Key capabilities include out-of-the-box and customizable behavioral detection, multiple customizable threat intel feeds, automated watchlists, process and binary search of centralized data, interactive attack chain visualization, Live Response for rapid remediation and more. Carbon Black EDR leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior. Customers that augment or replace legacy antivirus solutions with Carbon Black EDR do so because those legacy solutions lack visibility and context, leaving customers blind to attacks.

Seller Details
Seller
Carbon Black
Year Founded
2002
HQ Location
Waltham, MA
LinkedIn® Page
www.linkedin.com
370 employees on LinkedIn®
Description

Carbon Black empowers top security teams to close the Risk Gap they face today. Specific directed attacks are now the cybercrime norm, and no business is exempt. There’s increasing cyber-insurance scrutiny, and government regulations continue to get stricter. In this context, security teams can no longer rely on general security platforms alone. Rather, teams must be empowered with deeper visibility and more control in order to tailor response to their unique environment. With Carbon Black, security teams have unprecedented ability to see directed attacks, contain potential impact, change policies with no user interruption, prevent repeat incidents, and measure what they stopped.

HB
Overview Provided by:
Hope Boyer

Recent Carbon Black EDR Reviews

Abhijeet K.
AK
Abhijeet K.Small-Business (50 or fewer emp.)
5.0 out of 5
"My experience with the product was great!"
The Corbon Black EDR is a powerfull cybersecurity solution designed to provide real time visibility into endpoint activities, enabling advanced thr...
Read more
Verified User
U
Verified UserMid-Market (51-1000 emp.)
4.0 out of 5
"Powerful Endpoint Visibility and Threat Hunting Tool"
Carbon Black EDR excels in presenting deep visibility into endpoint hobby, that is critical for real-time danger detection and response. The abilit...
Read more
Martins O.
MO
Martins O.Mid-Market (51-1000 emp.)
5.0 out of 5
"Endpoint Detection & Response (EDR) Software"
Carbon Black EDR has ability to monitors endpoint abd capture how data is processes, file execution and file paths, the network connection. It help...
Read more
Security Badge
This seller hasn't added their security information yet. Let them know that you'd like them to add it.
0 people requested security information

Carbon Black EDR Media

Carbon Black EDR Demo - Binary Search
Binary Search
Carbon Black EDR Demo - Event Collection
Event Collection
Carbon Black EDR Demo - Live Query
Live Query
Carbon Black EDR Demo - Live Response
Live Response
Carbon Black EDR Demo - Process Analysis
Process Analysis
Carbon Black EDR Demo - Process Search
Process Search
Answer a few questions to help the Carbon Black EDR community
Have you used Carbon Black EDR before?
Yes

86 Carbon Black EDR Reviews

4.4 out of 5
The next elements are filters and will change the displayed results once they are selected.
Search reviews
Popular Mentions
The next elements are radio elements and sort the displayed results by the item selected and will update the results displayed.
Hide FiltersMore Filters
The next elements are filters and will change the displayed results once they are selected.
  • Company SizeExpand/Collapse Company Size Filter
  • User RoleExpand/Collapse User Role Filter
  • CategoryExpand/Collapse Category Filter
  • IndustryExpand/Collapse Industry Filter
  • RegionExpand/Collapse Region Filter
The next elements are filters and will change the displayed results once they are selected.
  • Sort By:
    G2 Sort
86 Carbon Black EDR Reviews
4.4 out of 5
  • Sort By:
    G2 Sort
86 Carbon Black EDR Reviews
4.4 out of 5
  • Sort By:
    G2 Sort

Carbon Black EDR Pros and Cons

How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Cons

Overall Review Sentiment for Carbon Black EDRQuestion

Time to Implement
<1 day
>12 months
Return on Investment
<6 months
48+ months
Ease of Setup
0 (Difficult)
10 (Easy)
Log In
Want to see more insights from verified reviewers?
Log in to view review sentiment.
G2 reviews are authentic and verified.
Here's how.
Nishant K.
NK
security Engineer
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best about Carbon Black EDR?

This has one of the best correlation mechanics which enables Cb to fetch data from various sources and that too very precisely categorized. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

Defensive capability needs more upgrades Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

Go for it best solution for an organization Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

Real time host devices scanning is one of the beat features to monitor changes that happen in any endpoint. It helps a lot in managing systems and resolving system level issues with ease. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Swapnil R.
SR
Security Analyst
Computer & Network Security
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
(Original )Information
What do you like best about Carbon Black EDR?

When securing the enterprise organizations we cannot only depend on SIEM, threat intelligence and firewall management. Protecting internal endpoint devices is one of challenging job for the organization. Carbon Black Response defend against known as well as emerging threats, so the endpoint users work with confidence that their devices are secured. It is user friendly and very effective tool when we consider the endpoint security and Threat hunting. It gives complete visibility of every endpoint/sensors in organization. It provides threat intelligence feeds and reports for all know threats and malware signatures. It also provides customization watchlists by creating own queries so we can set alerts according to requirement. Process and binary searches are very good feature and very useful for threat hunting. We can block/ban the binaries and also isolate the endpoint which is best of the tool. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

Analyst requires good skills for investigate and threat hunting purpose, it is somewhat difficult for beginners to work on CB Response as it requires deep knowledge of all the processes and it's executions.

Threat Intel reports generate some false positive alerts which are hectic sometimes. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

CB Response is must have tool for all security professionals. It is very helpful for effective threat hunting and securing the endpoints. It gives complete visibility of each and every process executing on the endpoint devices. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

Benefits are you can do threat hunting very effectively by deeply hunting IOC's and threat signatures. Problems we facing that we have to manually check the reputations of the binaries. It is better if tool give reputations or can give functionality to call API of some reputation check sites. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Verified User in Law Practice
AL
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: Organic
What do you like best about Carbon Black EDR?

I can find what I am looking for when I need it. The product providers us with rich telemetry and can pretty much find anything on a machine where many others cannot. Isolate functions very well and it fast. Most SOC/Incident Response providers use this tool so its best to have this in your organization and deployed already. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

Some complex searches using wild cards do not work very well. Some searching capabilities could be improved to make it easier. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

An EDR tool is supposed to be used for investigations and containment. How long does it take you to contain a file/hash and machine? It should be fast and CBR delivers!! Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

CBR provides us with depth of telemetry from all our devices world-wide. It allows us to hunt and perform incident response anywhere. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Kevin K.
KK
IT Director
Information Technology and Services
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: Seller invite
Incentivized Review
(Original )Information
What do you like best about Carbon Black EDR?

CB Response provides our staff with an extremely detailed and concise overview of our endpoints. Utilizing the tools provided by Response, we can effectively track threats, be notified of detected threats, and quickly investigate and respond to those threats all from one interface. The fact that this is a single product which incorporates all these tools is wonderful. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

As with their CB Protection product, I feel that the administrative interface can be a bit challenging at times. Without prior training on the product, it would be difficult to navigate and perform investigations. Thankfully, the product was provided with an in-depth training process to assist our staff with being acclimated within the environment. By completing the training, my staff was very comfortable navigating and using the product. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

The biggest lift when implementing this product was the steep hardware requirements. Make sure you have a dedicated server with high-end CPU, RAM, and storage components. The product is collecting, querying, and storing data constantly and requires a significantly powerful server. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

The biggest challenge that CB Response solves for our company is the ability to detect, quickly respond, and investigate a threat so that we can take pro-active measures in preventing future threats. The 'Watchlist' component is a valuable tool in which our staff can craft custom events, sequences, or procedures which indicate bad behavior on the system. Using the query language, the various activity logs can be searched to investigate what and endpoint was doing prior, during, and after a reported issue. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Verified User in Fund-Raising
UF
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: G2 invite
Incentivized Review
What do you like best about Carbon Black EDR?

We have Carbon Black Response running as part of a Managed Security offering. It has detected quite a few issues on the machines where it was installed. This includes obfuscated powershell code and excel documents that run executables. Having this kind of detection makes use trust our security posture even more.

We occasionally use it for troubleshooting purposes, so nothing security related. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

Luckily for us it is a managed service and so we do not have to do anything ourselves. Otherwise is would take a steep learning curve to take the most advantage of this product. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

If you need the forensics capabilities this is the go-to product. Just make sure you have in-house knowledge or get it as a managed service. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

We needed the extra protection and the forensics data. So far it has proved useful in detecting malicious or at least questionable software. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
JG
Cyber Security Admin
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Review source: Seller invite
Incentivized Review
What do you like best about Carbon Black EDR?

I mostly like the Go Live feature to be able to use that for basic administration and/or for other security reasons and being able to have this way to access a pc is useful for me. Most other features we have not even been able to dive into yet and are currently still reviewing. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

I haven't used their support in awhile so I'm not sure on how they are currently doing in that area. Hopefully it's just our server with it being in a master/slave cluster but the email alerts to detection's seem to be slow. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

Response may have more features than what you need. If you use their watchlists/alerting you can't really fine tune those out for your environment and it seems to be an either turn on or off type of thing. It's been awhile since I was able to check that and it may have changed to the better, hopefully. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

Being able to assist with pcs that lose domain trust and no longer having to ship them to us. Used it to search out what processes happening on a device to understand what happened when something broke on a pc to know when the issue started. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Verified User in Financial Services
UF
Enterprise(> 1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best about Carbon Black EDR?

The API's - Ability to write Python or PowerShell Scripts allows us to pull data back faster than if we had to log into the system and it also saves a ton of time. We have also used their Community portal where customers share development scripts.

Intelligence feeds allow us to pull down data from our Threat Intel vendor into CbR and then create WatchList from it.

GoLive - I love this feature to have full access to a machine, it allows us to upload files / scripts and then pull down the results. This has speed up IR. Also gives us a quick way to determine if our AV quarantined a file or if the file still exists on the file system Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

GoLive command interface could use some work, the commands are very limited and not like the DOS or Linux commands we are used to. Ex Can't do "dir /s" or delete a whole folder.

Creating complex watchlists are not that intuitive, it's easy to mess them up and you would not know it unless you had sample / test cases to run them thru.

Very little access control, either have Global rights or Admin rights. We are two version back, so they have made enhancements to allow access to only certain Sensor groups and GoLive.

Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

You need to have an understanding of the OS's that you going to deploy to. Ex. Understand the file system along with system calls. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

Determine what happened on a machine for Incident Response by our Security Operations Center and Forensics teams

Being able to figure out where the infections came from (Phishing Emails, Web Download, Unwanted Software package in with other apps, etc)

We have reduced the amount of time it tasks an analysis to perform their daily job functions. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Melisa J.
MJ
Director of IT
Computer Software
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
What do you like best about Carbon Black EDR?

Cb response on Windows endpoints it is easy deploy, maintain and support. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

Cb response management tool is not much user friendly especially if you are not well

trained. It may be able to start effective investigation at First side, is better there should be some training for incident response team. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

If your company still on old fashion end points which has lower system resources,then is time you upgrade your end points before they raise complains for slow performance regardless of their task. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

This is a healthy and thriving resources that has enabled our team to perform remote lnvestigation. It has got an excellent feature called window assets which is able to give response which gives response which is stable and offers unparallel insights into what is going on your end point with a minimum suport required. In addition to that user exchange has been very helpful in that in almost an kind of endpoint activity there are reachable details hence enabling tracking of threa. tbytools and give response to them in real time Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Verified User in Information Technology and Services
AI
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Verified Current User
Review source: Seller invite
Incentivized Review
(Original )
What do you like best about Carbon Black EDR?

-Ease of use

-Easy to deploy agents

-Ability to auto upgrade sensors as new updates are released.

-Intelligence feeds that make CB response what it is.

-Ability to create custom watch lists Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

CB tends to push out sensor updates and CB application updates that seem to not have been tested enough which leads to issues in Production that sometimes take longer then usual in resolving. The lack of development with response as there seems to be a lack of updates as CB has been concentrating more on PSC. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

I would recommend testing Threat hunter by CB as well and comparing both Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

Having the ability to monitor and analyse any potential threads or attacks in progress across all end points. With CB response, we were able to detect an attack and quickly isolate hosts affected. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link
Mercy N.
MN
IT Manager
Telecommunications
Mid-Market(51-1000 emp.)
More Options
Validated Reviewer
Review source: G2 invite
Incentivized Review
What do you like best about Carbon Black EDR?

So far this software has enabled me to respond rapidly and stop active attacks and it has also helped capture comprehensive information about endpoint events.CB Response software is the best software when it comes to delivering advanced threat hunting incidences. CB response software is so far the best saftware in curbing security threats and this qualifies as being one feature that i like. Review collected by and hosted on G2.com.

What do you dislike about Carbon Black EDR?

So far CB Response has been of assistance to my daily routine of work as there has not been so much disadvantage of using the software. However the software is a sophisticated one and requires a lot of understanding bt its easy to use this particular software. So far the software has no much dislikes. Review collected by and hosted on G2.com.

Recommendations to others considering Carbon Black EDR:

I recommend this software to others considering about it as the software is fast as it captures comprehensive information in just minutes. Its also efficient as it merges threats and suspicious behaviours. So far so good as it is the best in threat hunting and stopping attacks. I reccomend the use of this software as it is a fast responder to threats. Review collected by and hosted on G2.com.

What problems is Carbon Black EDR solving and how is that benefiting you?

CB Response software has been helpful in isolating infected systems in my PC and removing malicious files to prevent lateral movement and this has helped more so with the security. It has also helped me in securing shell access to any endpoint with Live Response as it has helped in responding to threats immediately. Review collected by and hosted on G2.com.

Show More
Show Less
Helpful?
Share
Admin Approval Link

Carbon Black EDR Comparisons

Compare Carbon Black EDR vs. Microsoft Defender for Endpoint
Compare Carbon Black EDR vs. Microsoft Defender for Endpoint
Carbon Black EDRVSMicrosoft Defender for Endpoint
Compare Carbon Black EDR vs. Carbon Black Cloud
Compare Carbon Black EDR vs. Carbon Black Cloud
Carbon Black EDRVSCarbon Black Cloud
Compare Carbon Black EDR vs. SentinelOne
Compare Carbon Black EDR vs. SentinelOne
Carbon Black EDRVSSentinelOne
Compare Carbon Black EDR ratings to similar products

Explore More

Last In, First Out (LIFO)
Discrete vs Continuous Data
Best CRM Software I Found After Testing 30+ CRMs
Best Payroll Software
Data Center Infrastructure Management (DCIM)
Microsoft 365 Reviews
ZoomInfo Competitors
Best Photo Editing Software
Pros and Cons Details
Carbon Black EDR