Ready to hit the track with SentinelOne? Race on!
Ready to hit the track with SentinelOne?
Experiencing a Breach?
  • 1-855-868-3733
  • Contact
  • Blog
en
  • English
  • 日本語
  • Deutsch
  • Español
  • Français
  • Italiano
  • Dutch
  • 한국어
Get a Demo
  • Platform
    The SentinelOne platform delivers the defenses you need to prevent, detect, and undo—known and unknown—threats.
    Platform OverviewPlatform PackagesSentinelOne vs CrowdStrike
    Platform Products
    • SingularitySingularity CompleteThe Future's Enterprise Security Platform
    • SingularitySingularity ControlSecurity with Suite Features
    • SingularitySingularity CoreCloud-Native NGAV
    • SingularitySingularity XDRExtended Detection & Response
    • SingularitySingularity Ranger IoTNetwork Visibility & Control
    • SingularitySingularity CloudContainer & Cloud Workload Security
    Platform Verticals
    • Energy
    • Finance
    • Healthcare
    • Higher Education
    • Retail
    • Manufacturing
  • Our Customers
  • Services
    Augment leading technology with trusted expertise, and get set up for success with hands-on support and training.
    Services OverviewGet Help Now
    Global Support & Services
    • Vigilance Respond Pro MDR + DFIRVigilance Respond Pro MDR + DFIR 24x7 MDR with Full-Scale
      Investigation and Response
    • Vigilance Respond MDRVigilance Respond MDR Dedicated SOC Expertise and Analysis
    • WatchTowerWatchTower Intelligence-Driven Threat Hunting
    • ReadinessReadiness Best-Practice Deployment and
      Quarterly Health Checks
    • Support ServicesSupport Services Tiered Support Options
      for Every Organisation
    • Technical Account ManagementTechnical Account Management Customer Success with
      Personalised Service
    • SentinelOne UniversitySentinelOne University Live and On-Demand Training
  • Partners
    See how SentinelOne works with trusted names worldwide to enhance programs, process, and technology.
    Program Overview
    OUR NETWORK
    • SingularitySingularity MarketplaceExtend the Power of S1 Technology
    • TechnologyTechnology Alliances See Integrated, Enterprise-Scale Solutions
    • ChannelChannel PartnersDeliver the Right Solutions. Together
    • Cyber RiskCyber Risk PartnersEnlist Pro Response and Advisory Terms
    • SentinelOneSentinelOne for AWSSentinelOne hosted in AWS regions around the world.
  • Resources
    • eBooks
    • White Papers
    • Datasheets
    • Case Studies
    • Webinars
    • Videos
    • Reports
    • Events
  • Company
    • Blog
    • Labs
    • Hack Chat
    • Press
    • News
    • FAQ
    • About Us
    • Careers
Back
  • Platform
    The SentinelOne platform delivers the defenses you need to prevent, detect, and undo—known and unknown—threats.
    Platform OverviewPlatform PackagesSentinelOne vs CrowdStrike
    Platform Products
    • SingularitySingularity CompleteThe Future's Enterprise Security Platform
    • SingularitySingularity ControlSecurity with Suite Features
    • SingularitySingularity CoreCloud-Native NGAV
    • SingularitySingularity XDRExtended Detection & Response
    • SingularitySingularity Ranger IoTNetwork Visibility & Control
    • SingularitySingularity CloudContainer & Cloud Workload Security
    Platform Verticals
    • Energy
    • Finance
    • Healthcare
    • Higher Education
    • Retail
    • Manufacturing
  • Our Customers
  • Services
    Augment leading technology with trusted expertise, and get set up for success with hands-on support and training.
    Services OverviewGet Help Now
    Global Support & Services
    • Vigilance Respond Pro MDR + DFIRVigilance Respond Pro MDR + DFIR 24x7 MDR with Full-Scale
      Investigation and Response
    • Vigilance Respond MDRVigilance Respond MDR Dedicated SOC Expertise and Analysis
    • WatchTowerWatchTower Intelligence-Driven Threat Hunting
    • ReadinessReadiness Best-Practice Deployment and
      Quarterly Health Checks
    • Support ServicesSupport Services Tiered Support Options
      for Every Organisation
    • Technical Account ManagementTechnical Account Management Customer Success with
      Personalised Service
    • SentinelOne UniversitySentinelOne University Live and On-Demand Training
  • Partners
    See how SentinelOne works with trusted names worldwide to enhance programs, process, and technology.
    Program Overview
    OUR NETWORK
    • SingularitySingularity MarketplaceExtend the Power of S1 Technology
    • TechnologyTechnology Alliances See Integrated, Enterprise-Scale Solutions
    • ChannelChannel PartnersDeliver the Right Solutions. Together
    • Cyber RiskCyber Risk PartnersEnlist Pro Response and Advisory Terms
    • SentinelOneSentinelOne for AWSSentinelOne hosted in AWS regions around the world.
  • Resources
    • eBooks
    • White Papers
    • Datasheets
    • Case Studies
    • Webinars
    • Videos
    • Reports
    • Events
  • Company
    • Blog
    • Labs
    • Hack Chat
    • Press
    • News
    • FAQ
    • About Us
    • Careers
  • 1-855-868-3733
  • Contact
  • Blog
Experiencing a Breach?
Get a Demo

SentinelOne
Vs Carbon Black

It’s as simple as 1-2-3: Discover why customers choose SentinelOne over VMware Carbon Black for endpoint & cloud protection, detection, and response.

Start a Free Trial

A SentinelOne cybersecurity specialist will contact you shortly. Your new cybersecurity journey awaits!

3 Reasons Why Teams
Trust SentinelOne Vs. Carbon Black

Performance

You Can Trust

You rely on your EPP & EDR solution to have your back when it matters most. In the 2020 MITRE ATT&CK® evaluation, SentinelOne correlated twice as many attacker techniques and missed 5x fewer detections as VMware Carbon Black.

 

On top of delivering superior detection & response, SentinelOne enables your business instead of hindering it: VMware customers report higher false positive rates that require time-consuming investigation, and console crashes that result in telemetry data loss, preventing effective threat hunting and incident response.

Solutions Designed

to Make the Most of Your Time

In today’s threat landscape, every second counts. SentinelOne makes it easy for any team to get started and become experts with a single, fast-to-deploy agent, automatic reconstruction of attack Storylines™, and 1-click remediation & rollback.

 

Don’t just take it from us: Learn how SentinelOne customers see an average of 353% ROI in Forrester’s Total Economic Impact report, and hear from our customers why they choose us for endpoint security.

 

VMware Carbon Black, in contrast, requires extensive tuning & configuration (especially as your organization scales), overly complex queries for threat hunting, significant manual correlation of disconnected alerts, and manual re-imaging for “remediation.”

Protection from What You Know,

and What You Don’t

Prevention and detection solutions that focus on “known bad” only see half the picture. While SentinelOne leverages both static and behavioral AI engines to detect anomalous activity & modern attacks with or without cloud connectivity, VMware Carbon Black depends heavily on cloud access and file signatures sourced from third parties to identify attacks.

 

This outdated approach leaves behind gaps in your coverage and visibility, increasing potential dwell time and exposure to zero-day threats.

Comparing SentinelOne vs. Carbon Black

Carbon Black Logo

Platform Capabilities

  • Feature parity across operating systems: Includes legacy and modern versions of Windows, macOS, and Linux
  • Reduced feature set for macOS and Linux
  • Comprehensive cloud workload security: Protects cloud VMs, Docker containers, and Kubernetes clusters, supports 3x as many Linux distributions
  • Limited protection: Focuses primarily on vSphere integration, supports fewer Linux distros
  • Cloud connectivity optional: Best-in-class EPP + EDR, even when offline
  • Cloud-dependent: Detections and convictions rely heavily on cloud access
  • USB & Bluetooth Device Control and Firewall Control: Available across all platforms
  • Device control limited to USB, Windows OS
  • No firewall control
  • Automation & Recovery

  • Real-time, machine-powered attack reconstruction: Events are automatically reconstructed into easily navigable Storylines™, focused & contextualized alerts for analysts means faster MTTR
  • Disconnected security events resulting in alert fatigue: Requires heavy manual correlation & reconstruction, as noted in the MITRE evaluation
  • Fully automated recovery: Autonomous & 1-click remediation and patented rollback
  • Manual, scripted “remediation”: Just restores endpoints to pre-infected state
  • EDR Quality & Coverage

  • Static & behavioral AI-driven detection: Equipped to handle unknown threats and modern TTPs, including fileless and in-memory attacks
  • Traditional, signature-based approach: Misses fileless, advanced attacks, rudimentary AI capabilities
  • MITRE ATT&CK mapping: Integrates with MITRE Framework for easier, more intuitive investigation
  • No MITRE ATT&CK Framework mapping
  • Fewest misses, richest detections in 2020 MITRE ATT&CK® evaluation: SentinelOne outperformed VMware Carbon Black, correlating twice as many techniques and producing 1/5th as many misses
  • Half as many correlated techniques, 5x more misses: Carbon Black missed 47 detections (among the most misses of the vendors evaluated)
  • Accessible upgrades up to 365 days for EDR data retention
  • Substantial cost for “Flexible” retention over 6 months: Customers report frequent outages & API data restrictions
  • Value-Adding Services

  • Comprehensive portfolio of support & managed security services: Includes Vigilance Respond MDR & Vigilance Respond Pro MDR+DFIR staffed by in-house experts
  • Single managed detection offering: Primarily for alert management and triage, no incident response capabilities
  • Globally accessible MDR, 24/7: Operations span North America, EMEA, and Asia Pacific regions
  • Limited operations: Single SOC based in Boulder, CO
  • Hear from Our Customers

    “SentinelOne was playing against some very well established players in the field, and it was a lot more compelling than what the rest was bringing to the table.”

    The World’s Leading and Largest

    Enterprises Trust SentinelOne

    Including 4 of the Fortune 10 and
    hundreds of the global 2000

    Purpose Built to Prevent Tomorrow’s Threats.

    Today.

    Your most sensitive data lives on the endpoint and in the cloud. Protect what matters most from cyberattacks. Fortify every edge of the network with realtime autonomous protection.
    Get a Demo
    Privacy Policy Terms of Service
    ©2021 SentinelOne, All Rights Reserved.

    The Gartner Peer Insights Customers’ Choice badge is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end-user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates.

    SentinelOne and its service providers use browser cookies or similar technologies as specified in the SentinelOne Privacy Policy. You can consent to the use of such technologies and browse the SentinelOne website by clicking the Accept button.
    Accept Reject