CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.
$6.99
per endpoint/month (for 5-250 endpoints, billed annually)
Carbon Black Endpoint
Score 8.4 out of 10
N/A
The VMware Carbon Black Endpoint solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems. Endpoint Standard captures and stores endpoint activity, enabling a comprehensive view of any suspicious activity on endpoints, including visibility into the entire attack chain, so users can understand the…
N/A
Pricing
CrowdStrike Falcon
VMware Carbon Black Endpoint
Editions & Modules
Falcon Pro
$6.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise
$14.99
per endpoint/month (minimum number of endpoints applies)
Falcon Premium
$17.99
per endpoint/month (minimum number of endpoints applies)
CrowdStrike Falcon is a far superior endpoint protection product that requires much less upkeep for similar pricing. There was a lot of extra administrative overhead to write detections and keep endpoints updated compared to CrowdStrike Falcon. I was very surprised to learn …
I think Carbon black is as good a product as CrowdStrike Falcon. We went with CrowdStrike Falcon because it was cheaper at the time and then stuck with it when Dell bought Carbon Black. I find that the logging and information is much better that Microsoft defender, many of …
It's easier to manage, less time to deploy, has more integrations and better understands the business needs. False positives, visibility, sensors management, device control, detections, preventions are pretty much the differentiators with other rivals. It will have more and …
We evaluated 3 other competitors and determined that Cb Defense was the best "bang for the buck" when it comes to Next-Generation Anti Virus. Their support (and sales) teams have been very helpful and offered a tremendous level of transparency. Our sales representative went …
It helps to detect and prevent malwares automatically which saves the response time to act. The machine learning and AI feature which helps to detect unusual behavioural based malwares which use defence evasion techniques. The fusion workflow feature which helps to automate the detection and blocking of less important files such as PUP/Adwares so the focus can be on real threats. The host logs are easy to filter and use which helps to do quick incident response
Cb Defense has been working very well in our organization. It is giving us much better insight into the applications that people are running on their systems (without authorization). This software is also great because it provides visibility into systems that are remote (off the network but still have Internet access). The out of band feature is great to help ensure that the systems are protected even when a user is traveling.
History of Process Execution, really anything that happens in the system is easily seen within the Dashboard. I can determine if a bad actor has infected the system, be it malware, backdoor, rootkit, Trojan, then from that point, I can put the system into Quarantine.
Being able to quarantine the system from the Dashboard. With these type of tools, pulling the power and running a hard drive image is not needed. Put the system in quarantine, start the analysis. A year ago, the network engineer might move the system into a VLAN that has no access to anything, except the system performing the remote analysis... Now I do not have to rely on anyone to move a system, power it down, pull the drive, or image the drive. I can just start the analysis right from my workstation.
The Live Response, again goes hand in hand with the quarantine feature.
By now, I am sure you see a process. Its simple, and easy and all done from a cloud-based console, called the dashboard. .. deploy the agent, create the policy, and active live response, set up email alerts, and monitor your endpoints... you are now ready to perform a triage in the event of an infection. We have step 1, step 2, step 3... but, just remember, things do happen, nothing is perfect, but this product has its advantages.
Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again.
Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents.
We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why.
I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.
The console of the product is very easy to use. It provides great detailed information about all aspects of things occurring on the endpoint. It was easy to deploy and set up. The centralized cloud-based interface has made it easy to add two domains and manage them under a single pane with multiple admins. The only reason I wouldn't give it a higher score is a little bit of lag between updated info from the clients and also the lack of accountability in the deployment process. You set the deployment up for multiple machines and can't easily see if it was successful and/or it takes a while to see if it succeeded or failed.
Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of a package name changes and realignments of different modules into those packages.
First, I need to disclose that our support is provided by SecureWorks. We purchased CB Defense from them, and they provide 24x7 monitoring and notification services for the solution and its deployment on our endpoints. To date, we are very pleased with this arrangement
CrowdStrike Falcon Endpoint certainly comes in with a slight price premium compared to other offerings, but when you're talking about your last line of defense against malware it's well worth it. From a feature perspective, many players offer similar feature sets but what sets CrowdStrike apart is the ease of implementation. The management is simplistic in nature for the items we managed on our own (we were using Falcon Complete which is a managed solution).
Cb is cloud-based and has a more advanced policy management. It also has better forensics information. Cost was similar, but Cb added cost savings in terms of IT management resources. We also have the ability to talk directly with engineers and have input on feature updates.
