I wasn't a security or AV focused person as a background but a lot of posts treat CarbonBlack as a second or third rate product. Can anyone give an objective reason/s why that is? All I know is they had a lot of attrition in the dev team but I've no clue if that is the reason people here deride it.
17 replies (most recent on top)
Gartner has been hurting the industry for years, however customers love to ask for solutions included in the Gartner MQs, so who's to blame?
Oh Gartner the most relevant piece of news we could ever wish for......if Gartner mattered a lot of our products would be doing much better then they are.
in terms of the offering I am educated on it as I had to be because CB could never get their act together to sell the product on a few accounts I covered. Then when they did come in it was just to read the datasheet that the customer already had.
I personally think it was a mistake to get into that market that was already over saturated.
Don’t forget in the latest Gartner MQ
If you believe that Gartner's MQ is different than Google's promoted search results, I've got Enron stock to sell you.
The problem with CB is the same as with other BUs, inaproppriate management, especially those BUs that are not among the top-5 priorities for the company.
CB has good reputation in the security market, so if BC prefers to stick with Symantec instead of CB I’m sure BC will make money by selling it to other companies interested to enter the EPP/EDR market with a consolidated portfolio. Don’t forget in the latest Gartner MQ for EPP CB was placed on top of the Visionaries while Symantec is going downhill, two steps below, and nowdays certainly it doesn’t bode well for SYMC.
Time will tell, but instead of talking sh*t about products of the VMW portfolio we don’t know we should educate ourselves on our current offering.
Sounds like they need better marketing and sales then. Every account(quite a few) I have seen that had CB come in lost the deal to Trend or Crowdstrike. Even existing CB accounts
@1yhb+1ifAnFMQ CBC has already won opportunties against CS, MS, S1 and TrendMicro.
Bear in mind CB is known in the market for several years because of the amount of visibility it provides by monitoring continuosly in real-time all the activity registered in the endpoints, sending unfiltered data to the cloud platform, therefore it protects the endpoints detect any suspicious or malicious activity based on its knowledge, which relies mostly on the MITRE Attack framework, so, yes it’s not only based on signatures but also on behavior, it’s has NGAV capabilities.
You have a lot of competitive intelligence info on Klue to find out what areas CBC does better than those solutions, I will not spend my time here posting stuff already available, but as a suggestion just take a look at the latest AV-Comparatives test ( https://www.av-comparatives.org/tests/business-security-test-2022-march-june/ )and you’ll see how CBC performed against the competition.
By the way, Symantec’s EPP/EDR has been on decline since the BC acquisiton, so technically speaking Symantec’s offering is worse than CB’s offering when it comes to EPP/EDR/XDR/App Control
Oh, almost forgot. CB has solutions for airgapped zones such as On-Prem EDR and AppControl, besides that CBC could be used on an airgapped zone in the same way as any other cloud native EPP/EDR solution.
@1hbc+1ifAnFMQ In what ways would you say CBC is better than CrowdStrike, S1, or even Trend Micro? Do you think they would win in a bake-off or POC? Do you think CBC will make more of an impact than an already existing Symantec?
@1xro+1ifAnFMQ CBC is a NGAV solution as CS, MS or S1, it uses Avira only for dynamic analysis (sandboxing) of binaries, clearly you barely know about CBC.
And still some people wonder why CBC hasn’t done better, not even VMW employees know about CBC features and they simply try to bash it by claiming it doesn’t have NGAV capabilities when it does, and actually CBC does better than CS, MS and S1 in some areas.
CB still uses legacy signature-based approach (Avira AV under the hood) which tends to fail miserably against all of these new, more sophisticated attacks we see. That, compared with Red Canary, its not a superior product compared to CrowdStrike or S1. Basically same bad tech as Symantec
Doesn't work for Darksite / Air gapped networks
It's a valuable asset, doubled its revenues from 200-400 mill, bought for 2.1 bill, certainly would make sense to sell, unless there are parts of it they want to supplement Symantec with. Cloud Revenue is attractive to BCOM. Agree though a hash job of integration, parts of it still not integrated 4 years later, never really got selling it into the massive install base, opportunity missed. Great tech, lost a lot of good people though certainly the Security experts.
I would bet CB will be spun off or sold to other company since BC already has the SYMC portfolio.
CB has a great reputation when it comes to EDR and application control in the security market, though it’s missing features from the competition since the focus (priorities) has been to integrate it with VMW products (Workload Protection, Workspace One, Horizon,..) so all the efforts and development went in that direction instead of what the market is asking.
Very good products managed by people with no understanding of the security market
Maybe they should just sell a black box?
Probably because they have done a sh-t job integrating with VMware. The sales teams seem to have no idea how to sell it nor how to be engaged. Brian Madden put it best you could rip out what little they did in under a month and no one would notice
junk software that spies on us all day long.
Basically because the core sales teams don’t understand security or how to sell it. It is very apparent that they do not know what they are talking about when they meet with customers.
nobody cares about it, it'll be wiped out once Bcom takes over