We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Probably the most valuable feature of CB Response is its ability to isolate a host and take it off the network, so it's not spreading anything. We have two security operations centers around the globe. When an SOC analyst sees something on an endpoint, they can use Carbon Black Response to isolate that host from the customer's environment and prevent any kind of lateral spread."
"The detection response and quarantining are very good features."
"The pricing is very good."
"The most valuable features are simplicity and ease of integration."
"The automation is excellent."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"The solution is very reliable."
"There have been some performance issues when deploying on Windows Server, but I believe Carbon Black is working on that."
"The product detects too many false positives initially and it could integrate better with other security solutions."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The user interface could be a bit better."
"There should be an on-premise version available for customers to have different choices."
"The solution is very expensive."
"I would love to see more flexibility on what we can display and design on the dashboards."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"There is a yearly license required for this solution and it is expensive."
"It is approx $10,000 or $20,000 per year for two user licenses."
"From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
"There is a perception that it is priced very high compared to other solutions."
CB Response is an industry-leading incident response and threat hunting solution designed
for security operations center (SOC) teams. CB Response continuously records and stores
unfiltered endpoint data, so that security professionals can hunt threats in real time and
visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s
aggregated threat intelligence, which is applied to the endpoint activity system of record for
evidence and detection of these identified threats and patterns of behavior.
Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
Carbon Black CB Response is ranked 3rd in Security Incident Response with 2 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 7 reviews. Carbon Black CB Response is rated 8.6, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of Carbon Black CB Response writes "Malicious activity detection response and automatic quarantining for endpoint security of your environment ". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Easy to use, stable, scalable, and has responsive support". Carbon Black CB Response is most compared with Carbon Black CB Defense, Secureworks Red Cloak Threat Detection and Response, Splunk Phantom, Cynet and Fortinet FortiSOAR, whereas Palo Alto Networks Cortex XSOAR is most compared with Splunk Phantom, Fortinet FortiSOAR, IBM Resilient, ServiceNow Security Operations and Siemplify.
We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.