TrustRadius

Carbon Black EDR vs. Microsoft Defender for Endpoint

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Carbon Black EDR
Score 8.1 out of 10
N/A
Carbon Black EDR is an on-premise incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements.N/A
Microsoft Defender for Endpoint
Score 8.9 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Pricing
Carbon Black EDRMicrosoft Defender for Endpoint
Editions & Modules
No answers on this topic
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
Offerings
Pricing Offerings
Carbon Black EDRMicrosoft Defender for Endpoint
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Carbon Black EDRMicrosoft Defender for Endpoint
Considered Both Products
Carbon Black EDR
Microsoft Defender for Endpoint
Verified User
Director
Chose Microsoft Defender for Endpoint
Competitive Pricing
Verified User
Director
Chose Microsoft Defender for Endpoint
Used Carbon Black and Endpoint Management. I've tested the Palo Alto's Traps product. And then again, the Microsoft product, it works well because it's integrated into the operating system, so there's a lot less work to do to get it up and running.
Verified User
Advisor
Chose Microsoft Defender for Endpoint
Carbon black, SentinelOne, and EEP. I think Defender is good because it has a really user-friendly interface. I think it's pretty good. It has also given you a lot of details about processes and network connections.
Verified User
Manager
Chose Microsoft Defender for Endpoint
So we do use Carbon Black Cloud, so endpoint detection response in a few situations where a defender cannot be deployed. It does its job well. I would say Defender probably does it better.
Features
Carbon Black EDRMicrosoft Defender for Endpoint
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
Carbon Black EDR
-
Ratings
Microsoft Defender for Endpoint
8.7
77 Ratings
3% above category average
Anti-Exploit Technology00 Ratings8.874 Ratings
Endpoint Detection and Response (EDR)00 Ratings9.176 Ratings
Centralized Management00 Ratings8.876 Ratings
Hybrid Deployment Support00 Ratings7.210 Ratings
Infection Remediation00 Ratings9.074 Ratings
Vulnerability Management00 Ratings8.671 Ratings
Malware Detection00 Ratings9.175 Ratings
Best Alternatives
Carbon Black EDRMicrosoft Defender for Endpoint
Small Businesses
ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.7 out of 10
ThreatLocker
ThreatLocker
Score 9.4 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
BlackBerry Protect (CylancePROTECT)
BlackBerry Protect (CylancePROTECT)
Score 9.1 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 9.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Carbon Black EDRMicrosoft Defender for Endpoint
Likelihood to Recommend
8.0
(2 ratings)
8.9
(136 ratings)
Likelihood to Renew
-
(0 ratings)
8.4
(10 ratings)
Usability
-
(0 ratings)
8.7
(11 ratings)
Availability
-
(0 ratings)
9.1
(1 ratings)
Performance
-
(0 ratings)
9.1
(1 ratings)
Support Rating
-
(0 ratings)
9.0
(7 ratings)
Implementation Rating
-
(0 ratings)
7.3
(1 ratings)
Configurability
-
(0 ratings)
8.2
(1 ratings)
Product Scalability
-
(0 ratings)
9.1
(1 ratings)
User Testimonials
Carbon Black EDRMicrosoft Defender for Endpoint
Likelihood to Recommend
Broadcom
We are able to check if any phishing link was visited by the user or not. To check for the whether any file is executed on the machine or not. To check on which port connections are being made by the machine. To create custom watchlist for alert to be investigated by an analyst. To check every process executed in the machine for a specified range.
Verified User
Anonymous
Read full review
Microsoft
It is well integrated with the Microsoft Admin center providing a quick way to find everything you're looking for. However, if there is a problem that needs addressed, you may have to click through a few more pages to find the solution. It will definitely let you know what's going on in your environment.
Verified User
Anonymous
Read full review
Pros
Broadcom
  • Process tree view of endpoint activity
  • Ability to pull files from host
  • Threat Intelligence integration
  • Isolate a host
Verified User
Anonymous
Read full review
Microsoft
  • One, it's crazy lightweight, so compared to some of the competitors that we also have used with our security services, it's really lightweight and so I don't have a lot of overhead on the system that it's running on.
  • It does really fantastic PowerShell integration.
Verified User
Anonymous
Read full review
Cons
Broadcom
  • Number of false positive which are triggered due to threat feeds are sometimes more needs to be fine tuned by the client.
  • In very rare scenarios processes are not captured properly.
Verified User
Anonymous
Read full review
Microsoft
  • So the fact that Defender for Endpoint still works with signatures is actually, I don't know, a little difficult for us because, I mean, since Microsoft trusts those signatures, you can easily inject code. And we've done it many times. To show that you can inject code through vulnerabilities like CV 2013, 99, and 33 but still keep the signature. So because of the trust of those signatures, the malware just kind of slides into the environment without Defender knowing. That's the first part. The second part is that the behavioral analysis is not precisely its Prime. It's not Defender's best capability for endpoints. So, Defender does not identify all behaviors considered by other EDRs in the market.
Verified User
Anonymous
Read full review
Likelihood to Renew
Broadcom
No answers on this topic
Microsoft
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
Verified User
Anonymous
Read full review
Usability
Broadcom
No answers on this topic
Microsoft
It offers multiple security features and integrates well with Microsoft ecosystems. A workflow for threat detection, investigation, automated remediation, and a centralized dashboard is an added advantage. This application is mainly designed for experienced users; new users may feel challenged.
Verified User
Anonymous
Read full review
Reliability and Availability
Broadcom
No answers on this topic
Microsoft
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
Verified User
Anonymous
Read full review
Performance
Broadcom
No answers on this topic
Microsoft
Microsoft Defender for Endpoint is easy on memory and resources on clients.
Verified User
Anonymous
Read full review
Support Rating
Broadcom
No answers on this topic
Microsoft
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Joe Aldeguer | TrustRadius Reviewer
Joe Aldeguer
IT Director
Read full review
Implementation Rating
Broadcom
No answers on this topic
Microsoft
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Verified User
Anonymous
Read full review
Alternatives Considered
Broadcom
CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.
Verified User
Anonymous
Read full review
Microsoft
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get many of the control features (disabling USB drives) that Sophos offered out of the box.
MM
Michael Miller
IT Engineer
Read full review
Scalability
Broadcom
No answers on this topic
Microsoft
Microsoft Defender for Endpoint is easily scaled from small orgs to giant enterprises.
Verified User
Anonymous
Read full review
Return on Investment
Broadcom
  • It is helping to protect us from potential loss of revenue that would be caused by malware or a compromised account.
  • It took some time in deploying in the environment , but that time is much worth it because of the results we are getting now.
  • It helps in hunting, which help us check and protect our environment from any cyber attacks.
Verified User
Anonymous
Read full review
Microsoft
  • Reduced incidents of security breaches lead to lower remediation costs and avoid potential financial losses and reputational damage.
  • Reduces the need for additional third-party security solutions and training, thereby lowering overall security management costs.
  • Increased efficiency and productivity of IT staff lead to better allocation of resources and cost savings.
  • Reduces the risk of fines and sanctions associated with non-compliance, ensuring business continuity and protecting revenue.
CF
Carlos Eduardo Faquinello
IT Solutions Architect
Read full review
ScreenShots

Microsoft Defender for Endpoint Screenshots

Screenshot of blocked activitiesScreenshot of Detects & respondsScreenshot of discovers vulnerabilityScreenshot of Eliminates blind spotsScreenshot of Risk management