Your best offense against malicious endpoint activity is to be found with CB Defense
We are using this solution across all the endpoints in our entire organization. CB Defense addresses potential endpoint infections and …
Carbon Black Endpoint
VMware Carbon Black Endpoint
Overview
Recent Reviews
Video Reviews
Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Carbon Black Endpoint, and make your voice heard!
Pricing
View all pricingN/A
Unavailable
What is Carbon Black Endpoint?
The VMware Carbon Black Endpoint solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems. Endpoint…
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
19 people want pricing too
Alternatives Pricing
What is Microsoft Defender for Endpoint?
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…
What is Sophos Intercept X?
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
Features Scorecard
No scorecards have been submitted for this product yet.Start a Scorecard.
Product Details
What is Carbon Black Endpoint?
The VMware Carbon Black Endpoint solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems. Endpoint Standard captures and stores endpoint activity, enabling a comprehensive view of any suspicious activity on endpoints, including visibility into the entire attack chain, so users can understand the impact of any attacks and take action.
VMware acquired Carbon Black October 2019.
Carbon Black Endpoint Screenshots
Carbon Black Endpoint Video
Cb Defense Demo
Carbon Black Endpoint Downloadables
Carbon Black Endpoint Competitors
- Symantec Endpoint Security
- Sophos Intercept X
- Trend Micro Apex One
- McAfee Antivirus
Carbon Black Endpoint Technical Details
| Deployment Types | On-premise, SaaS |
|---|---|
| Operating Systems | Windows, Linux, Mac |
| Mobile Application | No |
| Supported Languages | English |
Comparisons
View all alternativesCompare with
Frequently Asked Questions
What is Carbon Black Endpoint?
The VMware Carbon Black Endpoint solution (formerly Cb Defense) is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems. Endpoint Standard captures and stores endpoint activity, enabling a comprehensive view of any suspicious activity on endpoints, including visibility into the entire attack chain, so users can understand the impact of any attacks and take action.
VMware acquired Carbon Black October 2019.
What are Carbon Black Endpoint's top competitors?
Symantec Endpoint Security, Sophos Intercept X, and Trend Micro Apex One are common alternatives for Carbon Black Endpoint.
What is Carbon Black Endpoint's best feature?
Reviewers rate Endpoint Detection and Response (EDR) and Infection Remediation highest, with a score of 9.7.
Who uses Carbon Black Endpoint?
The most common users of Carbon Black Endpoint are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.
Reviews and Ratings
(27)
Reviews
(1-7 of 7)- Popular Filters
Companies can't remove reviews or game the system. Here's why
September 26, 2019
Your best offense against malicious endpoint activity is to be found with CB Defense
- It uses a thin, low-performance consuming, client.
- It constantly monitors endpoint activity and processes, efficiently, and effectively blocking harmful apps.
- It not only identifies and blocks apps known to be harmful, but prevents unknown, suspicious processes/apps from executing unless allowed in a defined policy.
- It does not offer a way to scan individual files on your endpoint. Some users like to be able to do this. Personally, given the effectiveness of the agent, I don't see a need for this, but it would appease some users.
September 15, 2019
Best "Bang for the Buck" in the NGAV field
- Affordability was a huge factor in our decision to purchase this solution. The level of protection and the feature set provided was well above any of their competitors in the same price range.
- The ability to quickly triage alerts and to see the process-trees are what helps Cb Defense to stand out from their competitors. The process-tree helps us to immediately see what actions are taking place in the offending application and what responses were taken (or are needed).
- The agent is very light-weight and does not affect system performance of our clients.
- At times (depending on how your policy is configured) the system can be a little "noisy" in the sense that you can get many false positives. However, this is not so much of a "con" as it is a result of an overly-aggressive policy configuration.
- Configuring the policy will take some time to really "fine tune" it so that you strike a nice balance between false positives and letting questionable actions take place.
- Getting the software deployed via SCCM can be a pain.
September 03, 2019
Cb Defense Provides Next Gen Security with great visiblity into what is occuring on your EndPoints
- Cb Defense does a great job of monitoring the endpoint activities in great detail.
- Defense is a cloud-based offering and has an easy to use centralized interface.
- The alerts are very definable, and as such are easily refined to avoid getting too many extraneous alerts.
- The Cb salespeople have been very accommodating to get to price points that we as an SMB (with tight budgets) could afford.
- We have only needed support on a couple occasions (which is a positive), but they weren't able to really resolve either issue.
- This brings me to my second con, which is that we have only used three sensor packages (the installed client) and have had issues crop up with two out of three.
June 15, 2018
CB Defense with Live Response ....What a wonder
- History of Process Execution, really anything that happens in the system is easily seen within the Dashboard. I can determine if a bad actor has infected the system, be it malware, backdoor, rootkit, Trojan, then from that point, I can put the system into Quarantine.
- Being able to quarantine the system from the Dashboard. With these type of tools, pulling the power and running a hard drive image is not needed. Put the system in quarantine, start the analysis. A year ago, the network engineer might move the system into a VLAN that has no access to anything, except the system performing the remote analysis... Now I do not have to rely on anyone to move a system, power it down, pull the drive, or image the drive. I can just start the analysis right from my workstation.
- The Live Response, again goes hand in hand with the quarantine feature.
- By now, I am sure you see a process. Its simple, and easy and all done from a cloud-based console, called the dashboard. .. deploy the agent, create the policy, and active live response, set up email alerts, and monitor your endpoints... you are now ready to perform a triage in the event of an infection. We have step 1, step 2, step 3... but, just remember, things do happen, nothing is perfect, but this product has its advantages.
- I would like to see better integration with Alien Vault, other SIEM products such as Splunk has detailed instruction on the setup, but since we have 3 USM appliances within our organization, the integration would be key for us.
- Some say that data leakage occurs from collecting information being sent to the cloud. The way the system works is it basically looks at a system and decide after time what is normal process execution, then uploads this data on port 443 to the cloud. I have read that this data can be seen by 3rd parties, but I haven't seen it myself.
- ref: https://www.directdefense.com/harvesting-cb-response-data-leaks-fun-profit/
- Sometimes I get some crazy alerts like Outlook has scraped memory due to Ransomware. Other times it's Word or Excel, even Chrome. I could go into the policy and start whitelisting, which by the way, whitelisting can be done within the alert, but who has time.
June 13, 2018
Cb Defense: Grab your threat hunting gear!
- It's Cloud based. Has reduced our on premise server footprint. Has also reduced all the management overhead. Specifically, frequent updates/upgrades. Mobile devices don't need to be connected to our network.
- Threat hunting and analysis. We are able to see a ton of forensic information.
- Management interface is intuitive and easy to use.
- Tighter integration with its other products like Cb Protect.
- More specific controls for FIM.
June 06, 2017
Cb Defense NGAV
- Cb Defense was simple to deploy and set up. We used our system management appliance to deploy the agent to all Mac and Windows endpoints.
- The reporting features are great and have recently been improved. You can trace the activity to see what parent application is triggering the event and how it was done.
- Cb support has been really helpful tracking down issues and helping us to resolve them.
- Cb pro services was great working with us to deploy the agents and set up policies.
- Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again.
- Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents.
- We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why.
June 02, 2017
Cb Defense Stops Bad Guys Cold
- Provide analysis of where the the threat actually took place and how it worked it's way into the environment
- Stopping unknown threats and reporting on them appropriately
- Carbon Black support is a responsive team
- Reporting for C-Level information
- Tailored email alerts templates
- Installation of the product needs third party tool for mass deployment