Cisco Secure Endpoint (formerly Cisco AMP) vs VMware Carbon Black EDR (formerly Cb Response)

Likelihood to Recommend

Specific tool for specific need. If you have a gap in your security infrastructure (protection from malware) you might think to use Cisco Advanced Malware Protection (AMP) for Endpoints to make sure your company's devices are safe. But also you can go beyond and enforce your SOC with Cisco AnyConnect where Cisco Advanced Malware Protection (AMP) for Endpoints is used as one of modules.

Read full review

Oleksandr Tsapenko

IT Project Manager

SvitSoftInformation Technology & Services, 11-50 employees

View all 9 answers on this topic

Investigating suspicious behavior on an endpoint, ability to kill processes and run files on the host. Ability to view every change made on a system in a timeline format. Ability to search across the enterprise for indicators of compromise. Ability to pull files from the host for further analysis. Ability to safely communicate with an endpoint by isolating it from the rest of the network

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Feature Rating Comparison

Cisco Secure Endpoint (formerly Cisco AMP)

VMware Carbon Black EDR (formerly Cb Response)

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

Cisco Secure Endpoint (formerly Cisco AMP)

VMware Carbon Black EDR (formerly Cb Response)

Company-wide Incident Reporting

Integration with Other Security Systems

Attack Chain Visualization

Centralized Dashboard

Machine Learning to Prevent Incidents

Live Response for Rapid Remediation

Pros

lightweight connector
great integration with other security products
highly effective
will also alert for vulnerable software being used on your systems

Read full review

Wouter Hindriks

Technical Team Lead Network & Security

Missing Piece BVInformation Technology and Services, 11-50 employees

View all 9 answers on this topic

Process tree view of endpoint activity
Ability to pull files from host
Threat Intelligence integration
Isolate a host

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Cons

Sometimes during whitelisting, other files from security tools get isolated even if it's not user intended.
Re-syncing policies also take some time, albeit in a straightforward process.
As with all security software, false-positives are still detected.
Hoping that once the library is expanded further, the false positives will be fewer.

Read full review

Ericson Aragoza

Unified Communications Engineer

VisionsConnectedTelecommunications, 501-1000 employees

View all 9 answers on this topic

Needs more defensive abilities

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Usability

Cisco Secure Endpoint (formerly Cisco AMP) 8.5

Based on 4 answers

I give it a very good score due to its simplicity in deployment, actually being able to do everything remotely is very good. Also noteworthy is the low consumption of resources compared to other competitive products.

Cisco support is really very remarkable and the tool has a good integration with other products, a very good work dashboard and very useful reporting.

Read full review

Sebastián Sarasate

Infrastructure Manager

Grupo Logístico AndreaniLogistics and Supply Chain, 5001-10,000 employees

View all 4 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

Cisco Secure Endpoint (formerly Cisco AMP) 8.1

Based on 12 answers

We have needed very little support, but anytime we need to reach out for assistance they have always been helpful and knowledgeable about the product and helped us resolve any issues or needs we may have

Read full review

Nicole McMillian

Cyber Security Analyst

Associated Wholesale GrocersWholesale, 1001-5000 employees

View all 12 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

AMP is far superior to Symantec in my opinion. It is much more robust and customizable. It is much easier to manage systems and to spot trouble areas. Deploying and upgrading clients is much simpler. It is a much more lightweight client on the desktop. Overall a much better product in my opinion.

Read full review

Verified User

Engineer in Information Technology

Education Management Company, 1001-5000 employees

View all 9 answers on this topic

CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Return on Investment

HAMP has allowed the team to focus on value added activities instead of constant cleanup of workstations and servers.
AMP is probably not the most cost effective solution, but is very good at protecting your systems.

Read full review

Scott Shipley

Senior IT Manager - Global Infrastructure

Tennant CompanyMachinery, 1001-5000 employees

View all 9 answers on this topic

Increased visibility across the enterprise for threats
Rapid ability to investigate and remediate threats

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Rating Summary

Cisco Secure Endpoint (formerly Cisco AMP)

VMware Carbon Black EDR (formerly Cb Response)

Cisco Secure Endpoint (formerly Cisco AMP)

VMware Carbon Black EDR (formerly Cb Response)

Cisco Secure Endpoint (formerly Cisco AMP)

VMware Carbon Black EDR (formerly Cb Response)