1. Home
  2. Endpoint Security Software
  3. Carbon Black Endpoint Reviews
  4. User Review of Carbon Black Endpoint
Cb Defense NGAV
June 06, 2017

Cb Defense NGAV

Eric Samuelson | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Cb Defense

We are using Cb Defense for the whole organization. It is acting as our only antivirus agent. We use it to monitor and protect all endpoints. As a NGAV agent, it protects our endpoints from known and unknown malware threats.
  • Cb Defense was simple to deploy and set up. We used our system management appliance to deploy the agent to all Mac and Windows endpoints.
  • The reporting features are great and have recently been improved. You can trace the activity to see what parent application is triggering the event and how it was done.
  • Cb support has been really helpful tracking down issues and helping us to resolve them.
  • Cb pro services was great working with us to deploy the agents and set up policies.
  • Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again.
  • Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents.
  • We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why.
  • We removed our legacy antivirus software that was not updating correctly and ended up being difficult to manage. This freed up more admin time for different tasks.
  • We have run into issues with people running scripts that are not in the whitelisted directories. They are blocked and require urgent response to resolve. This can cause extra work and some time after hours support.
Some of the other products did not allow you to whitelist items on a Mac. We are a heavy Mac shop so this was a requirement. Cb Defense had superior reporting, making it easy to track what was happening on a machine and how to respond.
We ran known malware and zero days against all of the products and they protected the test system.
Cb Defense works great to protect systems from known and unknown malware. It is simple to deploy and manage. You might run into some issues if you run a lot of unsigned applications or scripts in your IT environment. If that is the case, you can whitelist certain paths for your scripts to run. You can whitelist the individual applications and certs if you have them.