OpenText EnCase Endpoint Security vs. VMware Carbon Black EDR

OpenText EnCase Endpoint Security

VMware Carbon Black EDR

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
OpenText EnCase Endpoint Security	Score 1.0 out of 10	N/A	OpenText EnCase Endpoint Security, is an endpoint security solution designed to provide 360-degree visibility across laptops, desktops and servers for proactive discovery of sensitive data, identification and remediation of threats and discreet, forensically-sound data collection and investigation. The application was developed and sold by Guardian Software as EnCase Endpoint Security, and is now part of the Security Suite from OpenText, since the acquisition in summer 2017.	N/A
VMware Carbon Black EDR	Score 8.4 out of 10	N/A	VMware Carbon Black EDR (formerly Cb Response) is an incident response and threat hunting solution designed for security operations center (SOC) teams with offline environments or on-premises requirements. Carbon Black EDR records and stores endpoint activity data so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the VMware Carbon Black Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of…	N/A

Pricing

OpenText EnCase Endpoint Security

VMware Carbon Black EDR

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
OpenText EnCase Endpoint Security	VMware Carbon Black EDR
Free Trial
No	No
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Community Pulse
	OpenText EnCase Endpoint Security	VMware Carbon Black EDR
Top Pros	No answers on this topic	Pro Easy to understand Pro Go live Pro Tree view
Top Cons	Minus Difficult to find Minus Definitely needs Minus User friendly	Minus False positive

Features

OpenText EnCase Endpoint Security

VMware Carbon Black EDR

Incident Response Platforms

Comparison of Incident Response Platforms features of Product A and Product B
	OpenText EnCase Endpoint Security - Ratings	VMware Carbon Black EDR 8.3 2 Ratings 2% below category average
Company-wide Incident Reporting	00 Ratings	9.02 Ratings
Integration with Other Security Systems	00 Ratings	8.02 Ratings
Attack Chain Visualization	00 Ratings	9.02 Ratings
Centralized Dashboard	00 Ratings	9.02 Ratings
Machine Learning to Prevent Incidents	00 Ratings	7.02 Ratings
Live Response for Rapid Remediation	00 Ratings	8.02 Ratings

Best Alternatives
	OpenText EnCase Endpoint Security	VMware Carbon Black EDR
Small Businesses	SentinelOne Singularity Score 9.1 out of 10	ThreatDown, powered by Malwarebytes Score 8.7 out of 10
Medium-sized Companies	SentinelOne Singularity Score 9.1 out of 10	CrowdStrike Falcon Score 9.1 out of 10
Enterprises	BeyondTrust Endpoint Privilege Management Score 8.7 out of 10	Hoxhunt Score 9.3 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	OpenText EnCase Endpoint Security	VMware Carbon Black EDR
Likelihood to Recommend	1.0 (1 ratings)	8.0 (2 ratings)
Support Rating	1.0 (1 ratings)	- (0 ratings)

User Testimonials
	OpenText EnCase Endpoint Security	VMware Carbon Black EDR
Likelihood to Recommend	OpenText It is more suited to environments that have a large internal user base since there will be more incidents that require forensic analysis. It will be less suited for environments that have a small internal user base due to the fact that there would be fewer incidents that require forensic analysis, but it really depends on the industry that a small internal user base is a part of. Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom We are able to check if any phishing link was visited by the user or not. To check for the whether any file is executed on the machine or not. To check on which port connections are being made by the machine. To create custom watchlist for alert to be investigated by an analyst. To check every process executed in the machine for a specified range. Incentivized Verified User Anonymous Read full review
Pros	OpenText Functionality meets minimal requirements, since it performs forensic investigations as advertised. Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom Process tree view of endpoint activity Ability to pull files from host Threat Intelligence integration Isolate a host Incentivized Verified User Anonymous Read full review
Cons	OpenText Their UI definitely needs to be more user-friendly, right now it is very cumbersome to run and view investigations. Authentication mechanism should be a simple username/password, not certificate-based which is difficult to manage. Needs better support documentation for the product, it is difficult to find solutions to issues that we run into. Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom Number of false positive which are triggered due to threat feeds are sometimes more needs to be fine tuned by the client. In very rare scenarios processes are not captured properly. Incentivized Verified User Anonymous Read full review
Support Rating	OpenText Because support is non-existent whenever you have a functionality issue using the product. Also since the UI is so cumbersome to use we could use as much support as possible. Whenever we ask for support we are told to take the training which costs us more money. I believe that support should be easily accessible and affordable for the client Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom No answers on this topic
Alternatives Considered	OpenText The other forensic tool that is a direct competitor to EnCase and wasn't listed above is the Forensic Toolkit or FTK. I believe that FTK is a better tool overall simply because it is easier to manage and use when it comes to investigations. Unfortunately, I wasn't part of the decision process and EnCase was the tool selected, otherwise, I would have recommended FTK. Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom CB Response allows for a better view of what happened on the endpoint and provides more functionality out of the box then the FireEye Endpoint Security Product. CB Response allows you to basically have a remote connection into the CLI of an endpoint. This allows you to view the file system, run programs/scripts on the host, etc. FireEye Endpoint Security does not have this functionality. Incentivized Verified User Anonymous Read full review
Return on Investment	OpenText One negative impact would be that since the UI is cumbersome to use we would need to spend more money on training which is not always feasible. Another negative impact would be that since there is not much support available this slows down investigations due to finding out how to troubleshoot and fix functionality issues. One positive impact would be that since it meets minimal requirements when it comes to forensic analysis it gives us visibility on any malicious activity occurring on a user's endpoint. Incentivized Sergil Cave Cyber Security Engineer Read full review	VMware by Broadcom It is helping to protect us from potential loss of revenue that would be caused by malware or a compromised account. It took some time in deploying in the environment , but that time is much worth it because of the results we are getting now. It helps in hunting, which help us check and protect our environment from any cyber attacks. Incentivized Verified User Anonymous Read full review
ScreenShots