TrustRadius

Cofense Triage vs. VMware Carbon Black EDR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cofense Triage
Score 9.1 out of 10
Enterprise companies (1,001+ employees)
Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.N/A
VMware Carbon Black EDR
Score 8.4 out of 10
N/A
VMware Carbon Black EDR (formerly Cb Response) is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR records and stores endpoint activity data so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of…N/A
Pricing
Cofense TriageVMware Carbon Black EDR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cofense TriageVMware Carbon Black EDR
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesNo
Entry-level Setup FeeOptionalNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cofense TriageVMware Carbon Black EDR
Top Pros
Top Cons
Features
Cofense TriageVMware Carbon Black EDR
Incident Response Platforms
Comparison of Incident Response Platforms features of Product A and Product B
Cofense Triage
7.0
35 Ratings
20% below category average
VMware Carbon Black EDR
8.3
2 Ratings
3% below category average
Integration with Other Security Systems6.634 Ratings8.02 Ratings
Attack Chain Visualization6.627 Ratings9.02 Ratings
Centralized Dashboard8.035 Ratings9.02 Ratings
Live Response for Rapid Remediation6.831 Ratings8.02 Ratings
Company-wide Incident Reporting00 Ratings9.02 Ratings
Machine Learning to Prevent Incidents00 Ratings7.02 Ratings
Best Alternatives
Cofense TriageVMware Carbon Black EDR
Small Businesses
ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.7 out of 10
ThreatDown, powered by Malwarebytes
ThreatDown, powered by Malwarebytes
Score 8.7 out of 10
Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cofense TriageVMware Carbon Black EDR
Likelihood to Recommend
8.1
(38 ratings)
8.0
(2 ratings)
Likelihood to Renew
10.0
(1 ratings)
-
(0 ratings)
Usability
10.0
(1 ratings)
-
(0 ratings)
Availability
10.0
(1 ratings)
-
(0 ratings)
Performance
10.0
(1 ratings)
-
(0 ratings)
In-Person Training
10.0
(1 ratings)
-
(0 ratings)
Implementation Rating
10.0
(1 ratings)
-
(0 ratings)
Configurability
10.0
(1 ratings)
-
(0 ratings)
Product Scalability
10.0
(1 ratings)
-
(0 ratings)
Vendor post-sale
10.0
(1 ratings)
-
(0 ratings)
Vendor pre-sale
10.0
(1 ratings)
-
(0 ratings)
User Testimonials
Cofense TriageVMware Carbon Black EDR
Likelihood to Recommend
Cofense
The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result. Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors
Verified User
Anonymous
Read full review
VMware by Broadcom
We are able to check if any phishing link was visited by the user or not. To check for the whether any file is executed on the machine or not. To check on which port connections are being made by the machine. To create custom watchlist for alert to be investigated by an analyst. To check every process executed in the machine for a specified range.
Verified User
Anonymous
Read full review
Pros
Cofense
  • Separating links and attachments contained in the email, and checking to see if they are known malicious.
  • Clustering like emails to save time when responding.
  • Providing risks scores with each cluster to give an estimate on which clusters should be addressed first.
Verified User
Anonymous
Read full review
VMware by Broadcom
  • Process tree view of endpoint activity
  • Ability to pull files from host
  • Threat Intelligence integration
  • Isolate a host
Verified User
Anonymous
Read full review
Cons
Cofense
  • There are too many interdependent pieces which you have to acquire separately.
  • I think Cofense has a lot of capabilities and usefulness, but I think it's too a la carte.
  • We own Cofense and PhishMe currently and there are some gaping holes that require additional licensing to close.
Verified User
Anonymous
Read full review
VMware by Broadcom
  • Number of false positive which are triggered due to threat feeds are sometimes more needs to be fine tuned by the client.
  • In very rare scenarios processes are not captured properly.
Verified User
Anonymous
Read full review
Likelihood to Renew
Cofense
Cofense is stable and provides easy to use solution to aid the investigation of emails as well as managing simulated phishing campaigns.
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
Usability
Cofense
The interface is easy and intuitive.
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
Reliability and Availability
Cofense
We've experienced zero downtime.
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
Performance
Cofense
No slowness seen.
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
In-Person Training
Cofense
Training was through, relevant and easy to follow.
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
Alternatives Considered
Cofense
The other product had a lot of fails on the auto-processing and did not integrate well with our current environment. One issue had to do with the way it sends the submissions to its processing engine—our email gateway configuration would have blocked this traffic. I also did not like the user interface.
Verified User
Anonymous
Read full review
VMware by Broadcom
CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.
Verified User
Anonymous
Read full review
Scalability
Cofense
We've experienced zero downtime
MB
Mike Burch
IT Security Team Lead
Read full review
VMware by Broadcom
No answers on this topic
Return on Investment
Cofense
  • Due to the integration potential, large amounts of time are saved on a daily basis.
  • Incident response time has dropped due to the increased information available by having access to phishing emails directly.
  • Staff are able to effectively learn how multiple tools in our environment are used by mastering Triage. This has decreased training time greatly and increased the effectiveness of each associate.
Verified User
Anonymous
Read full review
VMware by Broadcom
  • It is helping to protect us from potential loss of revenue that would be caused by malware or a compromised account.
  • It took some time in deploying in the environment , but that time is much worth it because of the results we are getting now.
  • It helps in hunting, which help us check and protect our environment from any cyber attacks.
Verified User
Anonymous
Read full review
ScreenShots

Cofense Triage Screenshots

Screenshot of Triage DashboardScreenshot of Triage Dashboard Cluster DetailsScreenshot of Triage Cluster DetailsScreenshot of Triage Cluster Malicious AttachmentScreenshot of Triage Cluster HeadersScreenshot of Triage Reporter Details