CrowdStrike vs Carbon Black: Top EDR Solutions Compared

CrowdStrike Falcon and VMware Carbon Black are popular endpoint detection and response (EDR) products, and both scored high enough in our analysis to make our list of top EDR vendors.

Buyers often compare the two EDR products, and with good reason: both offer strong security and management features that can make a security operations center’s work easier. The difference in the two lies mainly in CrowdStrike’s advanced features, which are popular with security operations teams but come at a cost. That said, the cost of an EDR product is small compared to the nearly $4 million cost of the average data breach, so price should ideally be no object when purchasing an EDR solution. The best way to get pricing, of course, is to get quotes from multiple vendors on a configuration that meets your organization’s needs.

Detection and response

Both vendors have performed well in independent security tests. CrowdStrike scored higher on the difficult MITRE evaluation, while Carbon Black has scored well in both security effectiveness and total cost of ownership (TCO) in NSS Labs tests – tests avoided by CrowdStrike after a legal dispute between the two. Users of both products give high marks for their detection and response capabilities, so those test scores appear to carry over to production environments. Data breaches happen, so response is one of the driving factors in an EDR purchasing decision, and users of both tools report that their jobs are made easier by the ability of the EDR tools to respond to threats. CrowdStrike also offers an additional managed threat hunting service, Overwatch.

Management

Carbon Black offers nice out-of-the-box automation, with automated remediation a standard feature. Both products scored well in our analysis in Ease of Use and Deployment, but CrowdStrike received the higher overall Management score because of additional features like vulnerability management, device control, advanced threat hunting, rollback, guided investigation and mobile support. That said, Carbon Black scored very high in return on investment (ROI) in the NSS Labs evaluation, so the VMware product offers what’s needed to get the job done. Both EDR products are cloud-based and scored near the top in Deployment, offering a relatively easy implementation experience.

The bottom line

Carbon Black and CrowdStrike are both solid EDR products offering comparable security. Users of both are happy, but CrowdStrike users are a little more effusive in their praise. The difference between the two is largely in CrowdStrike’s wealth of advanced features – and potentially higher cost. Users report that both EDR solutions can get pricey, however. As with all IT products, the best product is the one that meets a buyer’s needs and budget. See our full list of top EDR products for other solutions that may meet your needs.

CrowdStrike and Carbon Black ratings

Here’s how the two EDR products compared in our analysis.

Detection Response Management Deployment Ease of use Value Support
CrowdStrike 4.7 4.7 4.5 4.6 4.6 4.7 4.8
VMware Carbon Black 4.3 4.4 4.2 4.4 4.5 4.6 4.3
Paul Shread
Paul Shread
eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top Endpoint Detection and Response (EDR) Solutions

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application...

Best SIEM Tools & Software for 2021

Security Information and Event Management (SIEM, pronounced "sim") is a key enterprise security technology, with the ability...

Related articles