ServiceNow Security Operations vs VMware Carbon Black Cloud comparison

ServiceNow and Broadcom are both solutions in the Security Incident Response category. ServiceNow is ranked #1 with an average rating of 8.1, while Broadcom is ranked #8 with an average rating of 6.0. ServiceNow holds a 7.5% mindshare in IRP, compared to Broadcom’s 7.5% mindshare. Additionally, 95% of ServiceNow users are willing to recommend the solution, compared to 93% of Broadcom users who would recommend it.

ServiceNow Security Operations

Read 22 ServiceNow Security Operations reviews

2,477 Views
396 Comparison Views

95% willing to recommend

VMware Carbon Black Cloud

Read 19 VMware Carbon Black Cloud reviews

1,166 Views
303 Comparison Views

93% willing to recommend

ServiceNow Security Operations

VMware Carbon Black Cloud

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 2, 2025

ServiceNow Security Operations and VMware Carbon Black Cloud are both competitors in cybersecurity. ServiceNow stands out for its pricing and support, while VMware Carbon Black Cloud is recognized for its strong feature set.

Features: ServiceNow Security Operations is known for integration capabilities, automation tools for incident response, and handling vulnerability management. VMware Carbon Black Cloud provides advanced threat intelligence, analytics, and powerful endpoint detection to support proactive threat hunting.

Room for Improvement: ServiceNow Security Operations could benefit from enhancements in its user interface, scalability for growing enterprises, and more robust threat intelligence. VMware Carbon Black Cloud may need improvements in simplifying deployment, optimizing customer support experiences, and enhancing integration frameworks to make onboarding easier.

Ease of Deployment and Customer Service: ServiceNow Security Operations offers a seamless deployment process coupled with responsive customer service that facilitates quick system integration. VMware Carbon Black Cloud features straightforward cloud-based deployment, yet its complexity can affect setup times, occasionally requiring more support for its wider range of functionalities.

Pricing and ROI: ServiceNow Security Operations presents competitive pricing favorable for budget-focused organizations. VMware Carbon Black Cloud has a higher initial setup cost but is seen to deliver superior ROI through its efficient threat detection capabilities, making the cost justified over time for businesses seeking advanced security solutions.

To learn more, read our detailed ServiceNow Security Operations vs. VMware Carbon Black Cloud Report (Updated: December 2025).

Buyer's Guide

ServiceNow Security Operations vs. VMware Carbon Black Cloud

December 2025

Download the complete report

Helped 881,733 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

ServiceNow Security Operations

Ranking in Security Incident Response

1st

Average Rating

8.0

Reviews Sentiment

6.7

Number of Reviews

Ranking in other categories

Security Orchestration Automation and Response (SOAR) (9th), Risk-Based Vulnerability Management (11th)

VMware Carbon Black Cloud

Ranking in Security Incident Response

8th

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (54th)

Mindshare comparison

As of February 2026, in the Security Incident Response category, the mindshare of ServiceNow Security Operations is 7.5%, down from 19.4% compared to the previous year. The mindshare of VMware Carbon Black Cloud is 7.5%, up from 7.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Incident Response Market Share Distribution
Product	Market Share (%)
ServiceNow Security Operations	7.5%
VMware Carbon Black Cloud	7.5%
Other	85.0%

Security Incident Response

Featured Reviews

Kalyan Kothali

Associate Vice President at Wissen infotech

Effectively manages vulnerabilities and reduces false positives

ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such. There are many aspects that we could handle. For certain vulnerabilities, remediation requires spending extra on hardware or OS upgrades, or purchasing new versions, which implies a cost. For that reason, we can take an exception for a couple of months or days, and once that exception expires, that vulnerability automatically reappears. These features help us ensure that everything is under control, and when we discuss vulnerabilities, we can consolidate them into one central category, which means working on one vulnerability automatically resolves the rest, making it efficient with the features provided.

Read full review

reviewer2771742

Sec consultant at a tech services company with 5,001-10,000 employees

Has supported consistent deployment across departments but needs better OS compatibility and detection performance

I am not really looking for a new solution, actually, I was preparing for an interview and wanted to have a comparison between both tools. I have not worked with any of these products before, but we had a training demonstration yesterday with Dynatrace, and I have investigated the Wiz solution better. In terms of experience, it will be my first time with CDR. I am working with something for EDR, specifically, we have an EDR, it's VMware Carbon Black Cloud. They have a hybrid environment, both on-prem and cloud. I would usually recommend this product for big companies, because it's not cheap, so only big companies would I expect to pay for that. The review rating for VMware Carbon Black Cloud is 6 out of 10.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"ServiceNow Security Operations collects data from various sources and presents it in a single, respectable format for assessment and action, providing a unified user experience where all work and fixes can be managed from one location."

"It's stable."

"The most valuable aspect of working with ServiceNow is its meaningful and feature-rich product."

"My favorite feature is the application vulnerability scanner."

"It gives you the ability to bring data into the system. The workflows are out of the box, and it gives you the ability to auto-assign the incidents based on criteria and vulnerabilities."

"Integration to other security tools allows for a consolidated view of all vulnerabilities, incidents, etc. for all sorts of leverage in a single platform to assess governance risk and compliance as well as an enhanced, enriched intelligence."

"ServiceNow is a convenient platform to raise tickets, and the respective support team will contact us to resolve any issues."

"ServiceNow Security Operations provides significant control over vulnerabilities, allowing users to mark false alarms as false positives and ignore them, which is important because many vulnerabilities are not real but appear as such."

More ServiceNow Security Operations pros

"The most valuable features are the threat-hunting and the batch console."

"They're highly stable in comparison with other solutions I have."

"Carbon Black insures the probability that any ransomware will be stopped before spreading."

"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."

"Carbon Black Cb Response excels at providing context to indicators when responding to incidents. It allows responders to understand the entire scope of an incident and quickly contain it to minimize impact and disruption."

"We also took full advantage of its incident response reporting capabilities to act as a “black box” for our infrastructure around strings of suspicious activity. The reporting and incident response capabilities were incredibly helpful during active security concerns."

"Setting up and managing the setup for this solution is okay. It is stable, scalable, and it runs just fine. No issues with technical support."

"The ability to isolate an endpoint with only the host name and a click of a button is a major time saver."

More VMware Carbon Black Cloud pros

Cons

"An area for improvement I observed in ServiceNow Security Operations is the need to maintain correct CMDB data because if you're unable to do this, you can't perfectly maintain the vulnerability data. CMDB data in ServiceNow Security Operations needs to be accurate. As I've been working on ServiceNow Security Operations for only seven months, I still need more time to try all its modules before I can give recommendations regarding additional features I'd like to see in the solution."

"The solution needs to make customization easier. You cannot do much customization immediately. It requires an extensive workload. If the customization process was user-friendly, it would be much better."

"We'd like customization to be easier in terms of the UI and using the dashboards."

"It doesn't interact with things very well."

"Report generation within ServiceNow can take some time."

"Visibility and transitions between teams present significant challenges in the SecOps space, indicating that substantial training and hand-holding are required to improve usability, which is one observation I have had."

"There are limitations for the third-parties that are providing the inputs. They should increase the robustness of the solution."

"It's very slow. When you click a button or update a field, it takes forever to actually react."

More ServiceNow Security Operations cons

"One area for improvement is the maturity of its vulnerability features."

"The product detects too many false positives initially and it could integrate better with other security solutions."

"The solution can only handle about 500 bans or blocks."

"They need to improve the batch console. It needs more capabilities. We are limited by the ones it provides..."

"Setup is incredibly complex and poorly documented. Every time an upgrade was needed we would need to engage Professional Services for troubleshooting help. Certificates and web services proved to be the most significant sticking points. Since the product runs on a Linux platform, perhaps having staff with more Linux experience could have alleviated some difficulty."

"Training and education for both partner and customer, including product marketing need to be improved."

"The solution's support could be improved."

"They have different products, but if we wanted to take their protection and their EPR, then we would need to have two agents"

More VMware Carbon Black Cloud cons

Pricing and Cost Advice

"This product is a good value for the money."

"The product is more expensive than other solutions."

"If you're going to implement it on your own, there would be internal costs. If you're going to implement it through a contractor or consultant, you have to pay for that."

"Compared to competitor tools, ServiceNow Security Operations is more affordable"

"The solution is more expensive than BMC Remedy, the other ITSM tool available in the market."

"It is an expensive product."

"Purchase Professional Services up front as part of the implementation package, then renew hours annually to ensure you have adequate support for upgrades and enhancements. Overbuy by at least 10% to account for infrastructure growth."

"Pricing for this solution could be made lower."

"We had no issues purchasing through our preferred reseller and were able to get a fair price even when not purchasing direct. Carbon Black Enterprise Response didn’t break the bank, though adding on the matching antivirus and anti-malware components of the Protect product was more than we could afford, even with some discounting. Cb Response is really designed to complement Carbon Black’s Defense product. While Response can be used on its own, coupling with Defense seems like the best strategy if you can afford the price tag."

"VMware Carbon Black Cloud is an expensive solution."

"The solution is very inexpensive so there is great cost savings to using it."

"You need to pay for the licensing of the product. The pricing is costly."

See which vendors are best for you

Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.

See recommendations

881,733 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Manufacturing Company

13%

Computer Software Company

Government

Financial Services Firm

11%

Computer Software Company

Real Estate/Law Firm

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	4
Large Enterprise	8

Questions from the Community

What is your experience regarding pricing and costs for ServiceNow Security Operations?

It is relatively expensive but manageable.

See all answers

What needs improvement with ServiceNow Security Operations?

ServiceNow Security Operations is not specifically a vulnerability management or incident tool, but rather a data aggregator. It would be beneficial if, similar to the Discovery module which assess...

See all answers

What advice do you have for others considering ServiceNow Security Operations?

Initially, acquire basic knowledge about the system and understand how ServiceNow Security Operations operates with other tools. This understanding is essential before starting the implementation p...

See all answers

What to choose: an endpoint antivirus, an EDR solution or both?

I can recommend Carbon Black, an award-winning next-gen anti-virus (NGAV) and endpoint detection and response (EDR) security solution. The CB Predictive Security Cloud platform combines multiple hi...

See all answers

What's the difference between Carbon Black CB Response and Carbon Black CB Defense?

Carbon Black offers two different levels of Endpoint Detection and Response. One is the VM Carbon Black Cloud Endpoint Standard (CB Defense), and the other is the Carbon Black Endpoint Detection an...

See all answers

What needs improvement with Carbon Black CB Response?

I see room for improvement as I remember some problems on compatibility with some operating systems; I recall we couldn't upgrade because the sensor was not compatible, and the latest VMware Carbon...

See all answers

Comparisons

Splunk SOAR vs ServiceNow Security Operations

Compared 15% of the time

Palo Alto Networks Cortex XSOAR vs ServiceNow Security Operations

Compared 14% of the time

Tines vs ServiceNow Security Operations

Compared 6% of the time

Microsoft Sentinel vs ServiceNow Security Operations

Compared 5% of the time

NetWitness NDR vs ServiceNow Security Operations

Compared 5% of the time

More ServiceNow Security Operations Competitors

Splunk SOAR vs VMware Carbon Black Cloud

Compared 19% of the time

Palo Alto Networks Cortex XSOAR vs VMware Carbon Black Cloud

Compared 16% of the time

VMware Carbon Black Endpoint vs VMware Carbon Black Cloud

Compared 9% of the time

Rapid7 InsightIDR vs VMware Carbon Black Cloud

Compared 8% of the time

HP Wolf Security vs VMware Carbon Black Cloud

Compared 4% of the time

More VMware Carbon Black Cloud Competitors

Product Reports

Buyer's Guide

ServiceNow Security Operations

January 2026

Download ServiceNow Security Operations product report

Buyer's Guide

VMware Carbon Black Cloud

January 2026

Download VMware Carbon Black Cloud product report

Also Known As

No data available

Carbon Black CB Response

Overview

ServiceNow Security Operations is a cutting-edge security solution designed to elevate organizations' security incident response (SIR) processes through automation and orchestration. Going beyond traditional SOAR, this comprehensive Security Operations Suite integrates seamlessly with other ServiceNow products and offers a wide array of features. Its components include Security Incident Response (SIR), which automates incident workflows and offers pre-built playbooks; Security Configuration Compliance (SCC), continuously scanning and automating compliance tasks; Vulnerability Response (VR), prioritizing and remediating vulnerabilities; Threat Intelligence (TI), aggregating threat data for proactive threat hunting; and additional features like IT Service Management integration, Machine Learning and AI, reporting, and a mobile app. The benefits span improved incident response speed, reduced mean time to resolution, increased security posture, enhanced compliance, collaborative synergy between security and IT teams, and operational cost reductions.

ServiceNow

Fortify Endpoint and Workload Protection

Legacy approaches fall short as cybercriminals update tactics and obscure their actions. Get advanced cybersecurity fueled by behavioral analytics to spot minor fluctuations and adapt in response.

Recognize New Threats

Analyze attackers’ behavior patterns to detect and stop never-before-seen attacks with continuous endpoint activity data monitoring. Don’t get stuck analyzing only what’s worked in the past.

Simplify Your Security Stack

Streamline the response to potential incidents with a unified endpoint agent and console. Minimize downtime responding to incidents and return critical CPU cycles back to the business.

Broadcom

Sample Customers

DXC Technology, Freedom Security Alliance, Prime Therapeutics, Seton Hall University, York Risk Services

ALLETE belk

Buyer's Guide

ServiceNow Security Operations vs. VMware Carbon Black Cloud

December 2025

Free Report: ServiceNow Security Operations vs. VMware Carbon Black Cloud

Find out what your peers are saying about ServiceNow Security Operations vs. VMware Carbon Black Cloud and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,733 professionals have used our research since 2012.

See our ServiceNow Security Operations vs. VMware Carbon Black Cloud report.

See our list of best Security Incident Response vendors.

We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.