Carbon Black App Control vs. Carbon Black Endpoint

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Carbon Black App Control
Score 8.9 out of 10
N/A
Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.N/A
Carbon Black Endpoint
Score 8.7 out of 10
N/A
Carbon Black Endpoint is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems.N/A
Pricing
Carbon Black App ControlCarbon Black Endpoint
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Carbon Black App ControlCarbon Black Endpoint
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details——
More Pricing Information
Community Pulse
Carbon Black App ControlCarbon Black Endpoint
Considered Both Products
Carbon Black App Control
Chose Carbon Black App Control
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and …
Carbon Black Endpoint
Chose Carbon Black Endpoint
Cb is cloud-based and has a more advanced policy management. It also has better forensics information. Cost was similar, but Cb added cost savings in terms of IT management resources. We also have the ability to talk directly with engineers and have input on feature updates.
Top Pros
Top Cons
Features
Carbon Black App ControlCarbon Black Endpoint
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
Carbon Black App Control
-
Ratings
Carbon Black Endpoint
9.1
4 Ratings
7% above category average
Anti-Exploit Technology00 Ratings10.04 Ratings
Endpoint Detection and Response (EDR)00 Ratings10.04 Ratings
Centralized Management00 Ratings8.04 Ratings
Hybrid Deployment Support00 Ratings8.02 Ratings
Infection Remediation00 Ratings10.04 Ratings
Vulnerability Management00 Ratings9.03 Ratings
Malware Detection00 Ratings9.04 Ratings
Best Alternatives
Carbon Black App ControlCarbon Black Endpoint
Small Businesses
GitLab
GitLab
Score 8.6 out of 10
ThreatLocker
ThreatLocker
Score 9.1 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.9 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Enterprises
Checkmarx
Checkmarx
Score 9.1 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 9.6 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Carbon Black App ControlCarbon Black Endpoint
Likelihood to Recommend
10.0
(3 ratings)
9.0
(8 ratings)
Usability
-
(0 ratings)
10.0
(2 ratings)
Support Rating
-
(0 ratings)
8.8
(3 ratings)
User Testimonials
Carbon Black App ControlCarbon Black Endpoint
Likelihood to Recommend
Broadcom
Cb Protect is best suited somewhere where you want to maximize the lockdown of workstations. So moving past no local admin rights to blocking specific applications and peripherals. The idea would be to have a list of applications you want to run, and then anything else is not able to be used. As stated prior, if you have a very fluid environment where you are having all sorts of new applications installed frequently (I feel for you!!) this is still do-able, but it misses the general idea. I think especially in environments that are more sensitive to new applications, like banks, healthcare systems etc, this is a good fit. The ability to look at application levels, drift, unapproved software etc is very useful.
Read full review
Broadcom
Cb Defense has been working very well in our organization. It is giving us much better insight into the applications that people are running on their systems (without authorization). This software is also great because it provides visibility into systems that are remote (off the network but still have Internet access). The out of band feature is great to help ensure that the systems are protected even when a user is traveling.
Read full review
Pros
Broadcom
  • Controls file writes, executions of the scripts
  • Defends from process injections, memory protection
  • Visibility and lock down posibilities
Read full review
Broadcom
  • History of Process Execution, really anything that happens in the system is easily seen within the Dashboard. I can determine if a bad actor has infected the system, be it malware, backdoor, rootkit, Trojan, then from that point, I can put the system into Quarantine.
  • Being able to quarantine the system from the Dashboard. With these type of tools, pulling the power and running a hard drive image is not needed. Put the system in quarantine, start the analysis. A year ago, the network engineer might move the system into a VLAN that has no access to anything, except the system performing the remote analysis... Now I do not have to rely on anyone to move a system, power it down, pull the drive, or image the drive. I can just start the analysis right from my workstation.
  • The Live Response, again goes hand in hand with the quarantine feature.
  • By now, I am sure you see a process. Its simple, and easy and all done from a cloud-based console, called the dashboard. .. deploy the agent, create the policy, and active live response, set up email alerts, and monitor your endpoints... you are now ready to perform a triage in the event of an infection. We have step 1, step 2, step 3... but, just remember, things do happen, nothing is perfect, but this product has its advantages.
Read full review
Cons
Broadcom
  • Perhaps more specific training.
Read full review
Broadcom
  • Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again.
  • Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents.
  • We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why.
Read full review
Usability
Broadcom
No answers on this topic
Broadcom
The console of the product is very easy to use. It provides great detailed information about all aspects of things occurring on the endpoint. It was easy to deploy and set up. The centralized cloud-based interface has made it easy to add two domains and manage them under a single pane with multiple admins. The only reason I wouldn't give it a higher score is a little bit of lag between updated info from the clients and also the lack of accountability in the deployment process. You set the deployment up for multiple machines and can't easily see if it was successful and/or it takes a while to see if it succeeded or failed.
Read full review
Support Rating
Broadcom
No answers on this topic
Broadcom
First, I need to disclose that our support is provided by SecureWorks. We purchased CB Defense from them, and they provide 24x7 monitoring and notification services for the solution and its deployment on our endpoints. To date, we are very pleased with this arrangement
Read full review
Alternatives Considered
Broadcom
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
Read full review
Broadcom
Cb is cloud-based and has a more advanced policy management. It also has better forensics information. Cost was similar, but Cb added cost savings in terms of IT management resources. We also have the ability to talk directly with engineers and have input on feature updates.
Read full review
Return on Investment
Broadcom
  • App Control can ensure Continuous Compliance.
  • Solution can reduce expenses on different security software.
  • Nowadays Zero Trust approach is very important for any organization and Application control is one of the main parts of it.
Read full review
Broadcom
  • Cb Defense has had a positive impact on the business objectives since we've been able to check off "advanced threat prevention".
Read full review
ScreenShots

Carbon Black Endpoint Screenshots

Screenshot of Cb Defense Dashboard
See every attack and potential threat at a glance in this interactive viewScreenshot of Cb Defense Alert Triage
Get answers to how and why each attack occurredScreenshot of Cb Defense Response
Strengthen your defenses with every attack