Attivo Endpoint Detection Net (EDN) vs. VMware Carbon Black Endpoint

Attivo Endpoint Detection Net (EDN)

VMware Carbon Black Endpoint

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
Attivo Endpoint Detection Net (EDN)	Score 7.0 out of 10	N/A	The Attivo Endpoint Detection Net (EDN) is an agentless product designed to complement existing endpoint security solutions by detecting an attacker early in the attack cycle, preventing them from stealing credentials and establishing a foothold. The EDN product tackles endpoint security challenges head-on by making every endpoint a decoy, designed to disrupt an attacker’s ability to break out and further infiltrate the network.	N/A
Carbon Black Endpoint	Score 8.8 out of 10	N/A	The VMware Carbon Black Endpoint solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems. Endpoint Standard captures and stores endpoint activity, enabling a comprehensive view of any suspicious activity on endpoints, including visibility into the entire attack chain, so users can understand the…	N/A

Pricing

Attivo Endpoint Detection Net (EDN)

VMware Carbon Black Endpoint

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
Attivo Endpoint Detection Net (EDN)	Carbon Black Endpoint
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	Attivo Endpoint Detection Net (EDN)	VMware Carbon Black Endpoint
Top Pros	No answers on this topic	Pro Set up Pro Cloud based Pro Easy to use
Top Cons	No answers on this topic	Minus False positives Minus Third party tool Minus Multiple groups

Features

Attivo Endpoint Detection Net (EDN)

VMware Carbon Black Endpoint

Endpoint Security

Comparison of Endpoint Security features of Product A and Product B
	Attivo Endpoint Detection Net (EDN) 4.4 1 Ratings 63% below category average	VMware Carbon Black Endpoint 9.4 3 Ratings 11% above category average
Anti-Exploit Technology	5.01 Ratings	9.43 Ratings
Endpoint Detection and Response (EDR)	3.01 Ratings	9.73 Ratings
Centralized Management	7.01 Ratings	9.43 Ratings
Hybrid Deployment Support	2.01 Ratings	9.01 Ratings
Infection Remediation	4.01 Ratings	9.73 Ratings
Vulnerability Management	5.01 Ratings	9.62 Ratings
Malware Detection	5.01 Ratings	9.43 Ratings

Best Alternatives
	Attivo Endpoint Detection Net (EDN)	VMware Carbon Black Endpoint
Small Businesses	SentinelOne Singularity Score 9.1 out of 10	SentinelOne Singularity Score 9.1 out of 10
Medium-sized Companies	CrowdStrike Falcon Score 9.2 out of 10	CrowdStrike Falcon Score 9.2 out of 10
Enterprises	BeyondTrust Endpoint Privilege Management Score 8.7 out of 10	BeyondTrust Endpoint Privilege Management Score 8.7 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	Attivo Endpoint Detection Net (EDN)	VMware Carbon Black Endpoint
Likelihood to Recommend	7.0 (1 ratings)	9.0 (7 ratings)
Usability	- (0 ratings)	8.0 (1 ratings)
Support Rating	- (0 ratings)	8.8 (3 ratings)

User Testimonials
	Attivo Endpoint Detection Net (EDN)	VMware Carbon Black Endpoint
Likelihood to Recommend	Attivo Networks Attivo Endpoint Detection Net (EDN) is a suitable option in mid level and large companies to detect insider threats and stealthy attackers. It is highly recommended where data is highly sensitive and there are chances of attack to get access to critical revers to get saves credentials and stored files. for small and medium business this solution is not recommended where perimeter security is already configured. Incentivized Nishant Aggarwal Senior Threat Hunting & Intelligence Analyst Read full review	VMware by Broadcom Cb Defense has been working very well in our organization. It is giving us much better insight into the applications that people are running on their systems (without authorization). This software is also great because it provides visibility into systems that are remote (off the network but still have Internet access). The out of band feature is great to help ensure that the systems are protected even when a user is traveling. Incentivized Verified User Anonymous Read full review
Pros	Attivo Networks To mimic production servers to deceive attackers To detect the lateral movements of adversary through machine learning algorithms To feed dummy data on production servers through threat strike feature Incentivized Nishant Aggarwal Senior Threat Hunting & Intelligence Analyst Read full review	VMware by Broadcom History of Process Execution, really anything that happens in the system is easily seen within the Dashboard. I can determine if a bad actor has infected the system, be it malware, backdoor, rootkit, Trojan, then from that point, I can put the system into Quarantine. Being able to quarantine the system from the Dashboard. With these type of tools, pulling the power and running a hard drive image is not needed. Put the system in quarantine, start the analysis. A year ago, the network engineer might move the system into a VLAN that has no access to anything, except the system performing the remote analysis... Now I do not have to rely on anyone to move a system, power it down, pull the drive, or image the drive. I can just start the analysis right from my workstation. The Live Response, again goes hand in hand with the quarantine feature. By now, I am sure you see a process. Its simple, and easy and all done from a cloud-based console, called the dashboard. .. deploy the agent, create the policy, and active live response, set up email alerts, and monitor your endpoints... you are now ready to perform a triage in the event of an infection. We have step 1, step 2, step 3... but, just remember, things do happen, nothing is perfect, but this product has its advantages. Incentivized Brody Wright Securty Analyst Read full review
Cons	Attivo Networks Attivo Endpoint Detection Net (EDN) should have capability for getting forensics packages from compromised systems in my opinion. I believe Auto phishing email detection capability should be improved to meet industry requirements to tackle phishing attack vector Malware detection capabilities should be improved to work to kernel level for better visibility in my opinion. Incentivized Nishant Aggarwal Senior Threat Hunting & Intelligence Analyst Read full review	VMware by Broadcom Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again. Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents. We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why. Incentivized Eric Samuelson Senior Manager of IT Read full review
Usability	Attivo Networks No answers on this topic	VMware by Broadcom The console of the product is very easy to use. It provides great detailed information about all aspects of things occurring on the endpoint. It was easy to deploy and set up. The centralized cloud-based interface has made it easy to add two domains and manage them under a single pane with multiple admins. The only reason I wouldn't give it a higher score is a little bit of lag between updated info from the clients and also the lack of accountability in the deployment process. You set the deployment up for multiple machines and can't easily see if it was successful and/or it takes a while to see if it succeeded or failed. Incentivized Verified User Anonymous Read full review
Support Rating	Attivo Networks No answers on this topic	VMware by Broadcom First, I need to disclose that our support is provided by SecureWorks. We purchased CB Defense from them, and they provide 24x7 monitoring and notification services for the solution and its deployment on our endpoints. To date, we are very pleased with this arrangement Incentivized Kevin Staley MIS Administrator Read full review
Alternatives Considered	Attivo Networks Attivo provides a user friendly management with a centralized manager. We can do configuration of Attivo Endpoint Detection Net (EDN) from a centralized console and deploy the Attivo Endpoint Detection Net (EDN) very easily. In other deception tool like forti deceptor etc, they have a bit poor user interface in my opinion and use-ability feature are improved in Attivo as compared to its competitors solutions I believe Incentivized Nishant Aggarwal Senior Threat Hunting & Intelligence Analyst Read full review	VMware by Broadcom Cb is cloud-based and has a more advanced policy management. It also has better forensics information. Cost was similar, but Cb added cost savings in terms of IT management resources. We also have the ability to talk directly with engineers and have input on feature updates. Incentivized William Bocash IT Manager Read full review
Return on Investment	Attivo Networks Attivo Endpoint Detection Net (EDN) helps to protect information hence Attivo Endpoint Detection Net (EDN) is securing sensitive data therefore ROI is better as loosing the data is much more costlier as per Business Impact Analysis. In small organization ROI is not effective as cost of Attivo Endpoint Detection Net (EDN) is a bit high and data being protected through EDN is not high value asset in my opinon. It is a better technology to detect cyber threats so anyway it is recommended to use for better security posture. Incentivized Nishant Aggarwal Senior Threat Hunting & Intelligence Analyst Read full review	VMware by Broadcom Cb Defense has had a positive impact on the business objectives since we've been able to check off "advanced threat prevention". Incentivized Christopher St.Amand Sr. Network Security Engineer Read full review
ScreenShots		Carbon Black Endpoint Screenshots