VMware Carbon Black Endpoint and Splunk SOAR compete in endpoint security and security orchestration, respectively. VMware Carbon Black Endpoint seems to have the upper hand due to its advanced threat detection and centralized management capabilities.
Features:VMware Carbon Black Endpoint offers behavioral monitoring, threat hunting capabilities, and a centralized cloud-based control for remote management. It also uses cloud-based detection with virus total integration and provides comprehensive incident response. Splunk SOAR focuses on automation and integration with various security tools. It streamlines incident response with customizable playbooks and real-time automation, emphasizing its interoperability and rich automation features.
Room for Improvement:VMware Carbon Black Endpoint could improve mobile device support and streamline reporting features while enhancing EDR functionalities. Attention is needed on management interface usability and cloud console speed. Splunk SOAR requires better integration with third-party tools, improved API capabilities, and enhanced support for legacy systems.
Ease of Deployment and Customer Service:VMware Carbon Black Endpoint is deployed across private, hybrid, and public clouds, with customer support generally satisfactory but sometimes lacking in off-business hour support. Splunk SOAR supports similar environments, though users highlight the need for better onboarding and training. Both solutions offer diverse customer service experiences but report slower responsiveness on complex queries.
Pricing and ROI:VMware Carbon Black Endpoint is considered expensive, justified by its comprehensive features and security capabilities. It offers significant ROI in robust endpoint protection environments. Splunk SOAR, though costly, particularly for smaller customers, provides substantial ROI through automation and workflow efficiency. Users find its subscription pricing model advantageous but note it could be more competitive. Both products align their pricing with their comprehensive security offerings based on customer needs.
We've seen a decrease in false positives and a significant increase in our containment.
Discovering different troubleshooting methods is harder to do with Splunk SOAR than with Enterprise Security or other Splunk services.
Splunk's technical support is very good and generally not needed often due to the stable environment.
It can be extended and adapted as necessary.
Splunk SOAR has the ability to scale quite significantly.
We have not experienced any downtime, crashes, or performance issues.
Splunk SOAR provides a stable environment and technology.
Although it enhances alert handling, it still has a journey to compete with Palo Alto SOAR and FortiSOAR.
Splunk's Unified Platform does help consolidate networking security and IT observability tools.
To make Splunk SOAR a better solution, there could be better built-in debugging tools, smarter playbook suggestions, and enhanced lifecycle management.
Splunk SOAR is moderately priced, neither cheap nor overly expensive.
Splunk SOAR is affordable cost-wise only.
The solution is free for us, which is a beneficial aspect.
Creating playbooks using the Playbook Editor in Splunk SOAR is easy. The editor is designed to be user-friendly with visual drag and drop features, allowing for easy workflows without writing any code.
The customization of the playbook in Splunk SOAR is very beneficial.
My impressions of Splunk's ability to predict, identify, and solve problems in real-time are very impressive.
| Product | Market Share (%) |
|---|---|
| Splunk SOAR | 7.7% |
| Microsoft Sentinel | 15.9% |
| Palo Alto Networks Cortex XSOAR | 9.6% |
| Other | 66.8% |
| Product | Market Share (%) |
|---|---|
| VMware Carbon Black Endpoint | 1.8% |
| Microsoft Defender for Endpoint | 9.9% |
| CrowdStrike Falcon | 7.9% |
| Other | 80.4% |
| Company Size | Count |
|---|---|
| Small Business | 11 |
| Midsize Enterprise | 7 |
| Large Enterprise | 28 |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 9 |
| Large Enterprise | 30 |
Splunk SOAR offers features like automation and orchestration of manual tasks, speeding up work, detection and response to advanced and emerging threats.
Automate manual tasks. Address every alert, every day. Establish repeatable procedures that allow security analysts to stop being reactive and focus on mission-critical objectives to protect your business.
Orchestrate and automate repetitive tasks, investigation and response to increase efficiency and productivity, and do more with the people you already have. Make a team of three feel like a team of 10.
Work faster with Splunk SOAR. Respond to threats in seconds. Lower your mean time to respond (MTTR) by automating security tasks and workflows across all of your security tools.
Take advantage of Splunk Enterprise Security and Splunk SOAR joining forces to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats.
VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.
VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.
What are the key features of VMware Carbon Black Endpoint?
What benefits should users look for when evaluating VMware Carbon Black Endpoint?
VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
