CrowdStrike Falcon vs VMware Carbon Black EDR (formerly Cb Response)

Likelihood to Recommend

It's a great solution with a massive deployment scenario with a lot of endpoints, and where the time is an issue and you need to be protected ASAP - thanks to its cloud-based architecture you will be up and running in almost 10 minutes (literally). There are no signatures, further refinements, or additional hardware and servers required. An always or almost always offline [scenario] is not well-suited for Falcon Pro.

Read full review

Victor Rivera

Senior Information Technology Manager

Grupo VinteConstruction, 1001-5000 employees

View all 18 answers on this topic

Investigating suspicious behavior on an endpoint, ability to kill processes and run files on the host. Ability to view every change made on a system in a timeline format. Ability to search across the enterprise for indicators of compromise. Ability to pull files from the host for further analysis. Ability to safely communicate with an endpoint by isolating it from the rest of the network

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Feature Rating Comparison

CrowdStrike Falcon

VMware Carbon Black EDR (formerly Cb Response)

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

CrowdStrike Falcon

VMware Carbon Black EDR (formerly Cb Response)

Company-wide Incident Reporting

Integration with Other Security Systems

Attack Chain Visualization

Centralized Dashboard

Machine Learning to Prevent Incidents

Live Response for Rapid Remediation

Pros

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 18 answers on this topic

Process tree view of endpoint activity
Ability to pull files from host
Threat Intelligence integration
Isolate a host

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Cons

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Mark Sauer

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 18 answers on this topic

Needs more defensive abilities

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Support Rating

CrowdStrike Falcon 8.6

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

Overall I found CrowdStrike Falcon's EDR capabilities superior to their competitors. Also, the user interface has taken its time to mature and is very intuitive and has a natural flow. Policy configuration and assignment as well as the features and settings within the config were more complete and met all our requirements. Lastly, the agent plays nice with everything else running on systems. We hardly ever have issues of Falcon interfering with users or services, and false positives are kept at a minimum.

Read full review

David Reyes

Sr Systems Engineer

InnovaSystemsComputer Software, 201-500 employees

View all 18 answers on this topic

CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 18 answers on this topic

Increased visibility across the enterprise for threats
Rapid ability to investigate and remediate threats

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

VMware Carbon Black EDR (formerly Cb Response) Editions & Modules

—

Additional Pricing Details

—

Rating Summary

CrowdStrike Falcon

VMware Carbon Black EDR (formerly Cb Response)

CrowdStrike Falcon

VMware Carbon Black EDR (formerly Cb Response)