CrowdStrike Falcon vs VMware Carbon Black EDR

Likelihood to Recommend

CrowdStrike continues to be the leader of where it is today by extending the offerings that is has. While there are a number of downfalls of the product, no one other security vendor can rightfully do what CrowdStrike does. Smaller players in the game are able to "pull a feather" here and there but there is no stopping the behemoth that is CrowdStrike. So long as CrowdStrike continues to deliver on its endpoint protection capabilities and levels up their behavioral detections, they are the best buy all day long. For those looking for a company that is clear about what they are monitoring for and how, rule logic, etc.... CrowdStrike is the exact opposite. They are a complete black box that thinks detect logic is magic and protects it all as if it was intellectual property. For some organizations they will likely not care; however, for others with established security teams, this can prove to be an irritant.

Read full review

Bryan Bowie

Principal Incident Responder (Sr.)

VerizonSecurity & Investigations, 10,001+ employees

View all 29 answers on this topic

Investigating suspicious behavior on an endpoint, ability to kill processes and run files on the host. Ability to view every change made on a system in a timeline format. Ability to search across the enterprise for indicators of compromise. Ability to pull files from the host for further analysis. Ability to safely communicate with an endpoint by isolating it from the rest of the network

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Feature Rating Comparison

CrowdStrike Falcon

VMware Carbon Black EDR

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

CrowdStrike Falcon

VMware Carbon Black EDR

Company-wide Incident Reporting

Integration with Other Security Systems

Attack Chain Visualization

Centralized Dashboard

Machine Learning to Prevent Incidents

Live Response for Rapid Remediation

Pros

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 29 answers on this topic

Process tree view of endpoint activity
Ability to pull files from host
Threat Intelligence integration
Isolate a host

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Cons

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Mark Sauer

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 29 answers on this topic

Needs more defensive abilities

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Support Rating

CrowdStrike Falcon 8.8

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

[Because of] its cloud-based architecture, complete set of features, LDAP integration and massive deployment options. The open integration with another security solution and it's almost native with all Windows flavors including Windows Server. Its Incident Response Team is a one-and-only kind of solution that makes CrowdStrike a really different competitor and a natural leader in cybersecurity market.

Read full review

Victor Rivera

Senior Information Technology Manager

Grupo VinteConstruction, 1001-5000 employees

View all 29 answers on this topic

CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality.

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 29 answers on this topic

Increased visibility across the enterprise for threats
Rapid ability to investigate and remediate threats

Read full review

Verified User

Professional in Information Technology

Insurance Company, 5001-10,000 employees

View all 1 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

VMware Carbon Black EDR Editions & Modules

—

Additional Pricing Details

—

Rating Summary

CrowdStrike Falcon

VMware Carbon Black EDR

CrowdStrike Falcon

VMware Carbon Black EDR