Carbon Black App Control vs. Symantec Endpoint Security

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Carbon Black App Control
Score 6.9 out of 10
N/A
Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.N/A
Symantec Endpoint Security
Score 8.9 out of 10
N/A
Symantec Endpoint Protection is the company's flagship antivirus / endpoint security product.
$29.99
1 year 100-249 devices
Pricing
Carbon Black App ControlSymantec Endpoint Security
Editions & Modules
No answers on this topic
Endpoint Security, Initial Hybrid Subscription License With Support
$29.99
1 year 100-249 devices
Symantec Endpoint Security Enterprise, Initial Hybrid Subscription License with Support
$34.99
1 year 1-99 devices
Endpoint Security, Initial Hybrid Subscription License With Support
$90.99
3 years 100-249 devices
Symantec Endpoint Security Enterprise, Initial Hybrid Subscription License with Support
$99.99
3 years 1-99 devices
Symantec Endpoint Security Complete, Initial Hybrid Subscription License with Support
$200
3 years 1-99 devices
Offerings
Pricing Offerings
Carbon Black App ControlSymantec Endpoint Security
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Carbon Black App ControlSymantec Endpoint Security
Considered Both Products
Carbon Black App Control
Chose Carbon Black App Control
VMware Carbon Black EDR and VMware Carbon Black Endpoint
Chose Carbon Black App Control
VMware Carbon Black App Control [(formerly Cb Protection)] is just much more advanced and gives administrators much more insight into the security framework. The cost is higher but at the same time the features are much more advanced. It is also easy to move throughout the …
Chose Carbon Black App Control
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and …
Symantec Endpoint Security
Chose Symantec Endpoint Security
I have worked on many antivirus tools, but according to my opinion, this is a stable and reliable product.
Chose Symantec Endpoint Security
The versions of Mcafee that we've tried don't really cover our small business needs like Symantec Endpoint Security does.
Chose Symantec Endpoint Security
Symantec Endpoint Security seems to be a more mature solution compared with CrowdStrike, particularly when CS was just recently getting their USB blocking functionality rolled out for macOS endpoints this year. Another differentiator with CrowdStrike is that Symantec ES still …
Chose Symantec Endpoint Security
Symantec Endpoint Security offers very similar features to the above products, they all do the same thing in terms of protecting your endpoints against cybersecurity threats. Installation wise the products all install from a central management system and report back to this for …
Chose Symantec Endpoint Security
Symantec Endpoint Security stacks up very well against the competition. One thing that is very different about Symantec compared to the competitors is that Symantec will not steal all your PC resources and will run fine with most applications. Some other AV products are …
Chose Symantec Endpoint Security
We've completed a POV on Crowdstrike Falcom Endpoint Protect and are very excited to move over to that platform and away from the Symantec protect suite. Crowdstrike has behavior based analysis and scanning, vulnerability detection, and best of bread support and managed …
Chose Symantec Endpoint Security
In comparison with Microsoft Defender for Endpoint Symantec Endpoint Security has, in my opinion, more scalable file inspection/spyware/antivirus settings. Plus it is more stable in a multi-OS user environment. But it also has numerous issues with itself and related Symantec …
Chose Symantec Endpoint Security
Haven't had to use or consider another product. SES Does it all and more
Chose Symantec Endpoint Security
Cylance: (Active Engage) (Cost 4x Symantec [Endpoint Security]) Cylance is a good product but we have it through an MSSP and only have read-only. The certification and training for the entry [are] like 3 hours of videos but a smart person can just go in and look as the system …
Chose Symantec Endpoint Security
We have evaluated McAfee, it degrades the performance of computers and also the feature set were not properly working, it also lacked the key features that we require, the cost is also higher, on other hand we also evaluated Microsoft system center endpoint protection it has …
Chose Symantec Endpoint Security
Simply superior in every way in my opinion. These others were not in the market when we started with SEP.
Chose Symantec Endpoint Security
Symantec Endpoint Production is hands down my least favorite endpoint projection software on the market today. It's a difficult endpoint to deploy, manage and remove. It's a heavy client so once you get it installed it consumes a large amount of resources on the endpoint. …
Chose Symantec Endpoint Security
I have used competing software from different vendors such as McAfee, Eset, and Trend Micro. I found that Symantec Endpoint Security distributes its updates flawlessly and sends a very clear and comprehensive daily report. I also find the customer service very helpful once it …
Chose Symantec Endpoint Security
Symantec Endpoint Protection really shines against its competitors when it comes to centralized management. It falls a little short when it comes to cloud deployments.
Chose Symantec Endpoint Security
More robust options and protections than Malware Bytes. Better overall detection and alerting to security issues. The overall ROI was better for us and we felt would also give us a stronger line of defense in our overall security strategy. We chose Symantec Endpoint because it …
Chose Symantec Endpoint Security
Symantec Endpoint Protection outperformed all other competitor front-line antivirus products with more accurate signature detections and less false positives. We ultimately chose to pair SEP with Malwarebytes Anti-Malware to provide a more comprehensive security solution that …
Chose Symantec Endpoint Security
I have used Symantec Endpoint Protection for many years successfully. I truthfully have not compared it to any of the other major alternatives out there, as Symantec Endpoint Protection has continued to get the job done.
Chose Symantec Endpoint Security
Eset is better for on-premises integration. You install the administration console on a local machine, unlike Symantec Endpoint Protection, which is entirely cloud-based, and you can scan your network and perform silent installs. They seem to have a reasonable level when it …
Chose Symantec Endpoint Security
Malwarebytes and Norton Internet Security
Chose Symantec Endpoint Security
We did use a mix of Symantec and ClamWin AV and after that a mix of Symantec and AVG for our store locations. We also tested Comodo and McAfee at one point. McAfee was too expensive for our budget and Comodo I believe just didn't deploy to our store locations easily. We did …
Chose Symantec Endpoint Security
Our company has used both the Norton and Symantec systems for years. Therefore, I have never used any other system. We are so pleased with Symantec and have never seen a need to use any other programs.
Chose Symantec Endpoint Security
The company decided to opt for Symantec Endpoint Protection because of efficiency and what it promises to do. Besides being an investment which has been used for more than 10 years. For any and all problems, the software presents a solution at the time, in addition to sending …
Chose Symantec Endpoint Security
Symantec Endpoint Protection stacks up well against its competitors. It's priced very competitively. It's easy to install. Most important of all it catches viruses and prevents them from attacking one's computer.
Features
Carbon Black App ControlSymantec Endpoint Security
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
Carbon Black App Control
-
Ratings
Symantec Endpoint Security
9.2
Ratings
7% above category average
Anti-Exploit Technology00 Ratings9.00 Ratings
Endpoint Detection and Response (EDR)00 Ratings9.90 Ratings
Centralized Management00 Ratings9.00 Ratings
Hybrid Deployment Support00 Ratings9.00 Ratings
Infection Remediation00 Ratings9.00 Ratings
Vulnerability Management00 Ratings9.80 Ratings
Malware Detection00 Ratings9.00 Ratings
Best Alternatives
Carbon Black App ControlSymantec Endpoint Security
Small Businesses
GitLab
GitLab
Score 8.8 out of 10
ThreatLocker
ThreatLocker
Score 9.2 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.7 out of 10
BlackBerry Protect (CylancePROTECT)
BlackBerry Protect (CylancePROTECT)
Score 9.1 out of 10
Enterprises
Veracode
Veracode
Score 8.7 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 10.0 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Carbon Black App ControlSymantec Endpoint Security
Likelihood to Recommend
10.0
(0 ratings)
9.0
(0 ratings)
Likelihood to Renew
-
(0 ratings)
9.1
(0 ratings)
Usability
-
(0 ratings)
9.0
(0 ratings)
Availability
-
(0 ratings)
9.0
(0 ratings)
Support Rating
-
(0 ratings)
1.0
(0 ratings)
Implementation Rating
-
(0 ratings)
6.4
(0 ratings)
User Testimonials
Carbon Black App ControlSymantec Endpoint Security
Likelihood to Recommend
It is more suited to lock down critical systems and servers to prevent unwanted changes, although you can use it on daily basis on laptops and desktops, it needs constant attention and events analysis. For some scenarios i.e. financial institutions it is a must-have solution, as App Control now is a requirement 5 of PCI DSS.
Read full review
We have found that Symantec Endpoint Security is better suited to newer systems running faster processors and more than 8GB RAM otherwise the client agent takes up too many resources and slows the system down. However, if you have a reasonably modern fleet of systems it does everything you would expect from an Endpoint Protection solution and works well as part of a multi-layered cybersecurity policy.
Read full review
Pros
  • Device Control - you can view and allow/disallow the ability for certain devices to be used in your environment. Specifically we used this with USB drives. If you have one you want to use - whitelist the serial number. The rest can't be used. Simple and easy.
  • Software blocking. If you have an extremely dynamic software base (I doubt this is likely) this could get a bit annoying, but for most organizations like ours where we have specific applications that are required, and then the rest are a bit of an afterthought, it's easy to whitelist the correct applications that you want to be able to run in your environment. The rest can't run (in high enforcement). Users are able to easily request new applications, and you can set certain groups to be able to approve it on their own.
  • Solid platform - with few exceptions setting up new software was very easy (Dragon Medical was a bit tricky, but worked through it with support). Once you have your rules set up and the initial setup done, you tend not to have to do much of anything except to update on occasion and deal with a few requests for applications to be unblocked, or publishes approved.
Read full review
  • The virus and spyware protection has worked well for us, catching several things and quarantining the items or cleaning them.
  • The virus definitions very rarely fail to update for the users, so I feel confident that my client machines are kept up to date.
  • I like the report I get daily telling me about threats found and action taken without having to login to the console to look it up myself.
Read full review
Cons
  • More frequently updates of "Software Updaters".
  • Possibilities to tag within Yara rules.
  • Overall it is the best whitelisting solution I have used.
Read full review
  • Removing dead clients from the console. This is nearly impossible to do, and makes keeping the console clean a very difficult task.
  • Poorly tested versions are sometimes released that cause serious issues for users. This ranges from browsers malfunctioning to BSOD errors.
  • Malware detection is good but not great. We are not confident in SEP by itself to neutralize malware threats. It's detection rate just isn't high enough for next generation and zero day threats.
Read full review
Likelihood to Renew
No answers on this topic
Continued satisfied support. The saying "if it ain't broke, don't fix it..." comes to mind. It works, and we'll continue to use it and support Symantec.
Read full review
Usability
No answers on this topic
The rating reflects Symantec Endpoint Security's ability to balance enterprise grade security with user-friendly workflows or advanced configurations require extra effort. For most organizations, the streamlined management and robust automation justify the high score. Management GUI is old fashined and need to be improve. Older devices may experience slowdowns during full scans without careful configuration.
Read full review
Reliability and Availability
No answers on this topic
We've used it for years and the software is easy to use. The dashboard is easy to read, and you can easily figure out where to go to troubleshoot or deploy software. Symantec is there for emergencies like backup restoration or file retrieval. It's pretty low maintenance. Symantec is there when your IT infrastructure needs it
Read full review
Support Rating
No answers on this topic
Support is completely awful! You can never get anyone to help if you can even find a number to call. The support web portal is a joke and their response time if you're even able to submit a ticket is ridiculously slow.
Read full review
Implementation Rating
No answers on this topic
Use a third party deployment tool and not the deployment option within the SEP Manager itself.
Read full review
Alternatives Considered
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
Read full review
Symantec Endpoint Security seems to be a more mature solution compared with CrowdStrike, particularly when CS was just recently getting their USB blocking functionality rolled out for macOS endpoints this year. Another differentiator with CrowdStrike is that Symantec ES still provides both on-demand scanning & real-time signature-based detection in addition to solely real-time machine learning detection whereas on-demand scanning and signatures are not available on CrowdStrike. This means there is a doubt as to whether we can use CS to comply with some of our PCI DSS obligations which specifically require the use of signature-based antivirus solutions.
Read full review
Return on Investment
  • Dashboards are easy to understand for management
  • We feel more secure than we were on our previous platform
Read full review
  • Symantec [Endpoint Security] cost 50k less than other options while providing similar benefits over the last year
  • Cylance conflicted with Symantec [Endpoint Security] and Cisco Umbrella Client (All 3 at the same time) causing us to rebuild many desktops
  • Symantec [Endpoint Security] made it easy to detect where issues were and repair them
Read full review
ScreenShots