This content is currently locked.

Your current McLean & Company subscription does not include access to this content. Contact your account representative to gain access to Premium SoftwareReviews.

Contact Your Representative

Or Call Us:
+1-877-281-0480 (US/CAN) or
+1-703-544-9513 (International)

Broadcom

Carbon Black EDR

Composite Score

6.4 /10

CX Score

6.2 /10

19 Reviews Write a Review

What is Carbon Black EDR?

Carbon Black EDR is an incident response and threat hunting solution designed for Security Operations Center teams with offline environments or on-premises requirements. Carbon Black EDR continuously records and stores endpoint activity data so security professionals can hunt threats in real time and visualize the complete attack kill chain, using the Carbon Black Cloud’s aggregated threat intelligence.

Company Details

Need Assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Get Assistance

Carbon Black EDR Ratings

Real user data aggregated to summarize the product performance and customer experience.

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

75 Likeliness to Recommend

81 Plan to Renew

65 Satisfaction of Cost Relative to Value

{y}

{name}

Emotional Footprint Overview

Product scores listed below represent current data. This may be different from data contained in reports and awards, which express data as of their publication date.

+64 Net Emotional Footprint

The emotional sentiment held by end users of the software based on their experience with the vendor. Responses are captured on an eight-point scale.

How much do users love Carbon Black EDR?

19% Negative

0% Neutral

81% Positive

Pros

Respectful
Trustworthy
Caring
Client Friendly Policies

Cons

Less Performance Enhancing
Less Generous

Feature Ratings

Average 77

Mac OS support

Cross Platform Integration

Kernel Monitoring

Host NGFW Functionality

Centralized Management Portal

Ransomware Recovery and Removal

Automated Remediation

Cross Platform Support

Port and Device Control

System Hardening

Application Containment Mechanisms

Vendor Capability Ratings

Average 67

Product Strategy and Rate of Improvement

Breadth of Features

Vendor Support

Quality of Features

Ease of Data Integration

Business Value Created

Ease of IT Administration

Availability and Quality of Training

Ease of Customization

Ease of Implementation

Usability and Intuitiveness

Also Featured in...

Endpoint Detection & Response

Translation missing: en.product_page.ratings.score 7.3

View Carbon Black EDR in this category (opens in a new tab)

Carbon Black EDR Reviews

Thijs W.

Role: Information Technology
Industry: Technology
Involvement: IT Development, Integration, and Administration

Validated Review

Verified Reviewer

Submitted Nov 2024

Broad feature set with challenging implementation

Likeliness to Recommend

3 /10

What differentiates Carbon Black EDR from other similar products?

The broad feature set which has all sorts of capabilities. Also the user management features are quite extensive and make it easier to manage large organizations.

What is your favorite aspect of this product?

The possibility to create different policies which can be dynamically applied to certain groups.

What do you dislike most about this product?

The dynamic malware detection capabilities are flagging a lot of false positives, so much so that it was too much for the SOC.

What recommendations would you give to someone considering this product?

Ask yourself if you really need all the features, otherwise other products might be better.

Pros

Includes Product Enhancements
Trustworthy
Unique Features
Caring

Cons

Security Frustrates
Less Reliable
Less Performance Enhancing

Sunil K.

Role: Information Technology
Industry: Other
Involvement: IT Development, Integration, and Administration

Validated Review

Verified Reviewer

Submitted Jun 2026

EDR Platform with powerful threat visibility

Likeliness to Recommend

9 /10

What differentiates Carbon Black EDR from other similar products?

Carbon Black EDR has comprehensive endpoint visibility and forensic detail. The platform provides security teams with rich telemetry to help speed up investigation and threat hunting. The platform provides excellent insights that make it easier to spot suspicious act. Most importantly, it is a great addition to the organisations focusing on incident response, and endpoint visibility.

What is your favorite aspect of this product?

The best part of Carbon Black EDR is it gives you the great endpoint visibility during the investigation process. It also saves a lot of time of security team while threat hunting & analysing the root cause of security incidents.

What do you dislike most about this product?

The one thing which is kind of MSP as well as the bad point is the excessive numbers of endpoints it provides. While the experienced team can utilise it up to the best, but it can also be overwhelming for those who are new to the EDR tool or platform. Also, need an improvement in administrative & reporting tasks.

What recommendations would you give to someone considering this product?

The organization thinking of implementing Carbon Black EDR must go through the POC evaluation to check if their security requirements & technology stack is aligned. Great option for the organizations targeting incident response, threat hunting & endpoint visibility.

Pros

Security Protects
Helps Innovate
Continually Improving Product
Reliable

MAHANTESH S H.

Role: Information Technology
Industry: Finance
Involvement: IT Development, Integration, and Administration

Validated Review

Verified Reviewer

Submitted May 2026

Cardon black EDR for enterprise security

Likeliness to Recommend

8 /10

What differentiates Carbon Black EDR from other similar products?

Because of the real time monitoring, threat intel features. Good endpoint activity visibility and dahboard.

What is your favorite aspect of this product?

Favorite aspect about Carbon Black Eadar is the visibility and alerting capability. Detailed device timeline and artifacts present.

What do you dislike most about this product?

The Initial setup, integrations feels little tricky and complex for new users or beginners. KB artcile or KT or shadowing can help

What recommendations would you give to someone considering this product?

Would recommend deployment on endpoint, server, regular health check, proper policy configuration

Pros

Continually Improving Product
Unique Features
Saves Time
Transparent

How We Deliver

Events

Carbon Black EDR

What is Carbon Black EDR?

Company Details

Need Assistance?

Carbon Black EDR Ratings

75 Likeliness to Recommend

81 Plan to Renew

65 Satisfaction of Cost Relative to Value

Emotional Footprint Overview

+64 Net Emotional Footprint

How much do users love Carbon Black EDR?

Pros

Cons

Feature Ratings Average rating of all product features, some of which may not be shown below

Mac OS support Endpoint security support to identify and block threats on Mac workstations.

Cross Platform Integration Open API and net sec appliance integration with NGFW, SIEM, IPS/IDS, Automated Network Quarantining, DLP, Data Discovery, and Threat Intelligence.

Kernel Monitoring Monitoring of processes, memory, and system files at the OS level.

Host NGFW Functionality Includes policy-based default-deny/whitelisting and application verification and trust (VPN/virtualization).

Centralized Management Portal Includes multiple client management, push install capability, comprehensive policies for different groups, and active directory integration and synchronization.

Ransomware Recovery and Removal Recover files removed and/or encrypted by ransomware.

Automated Remediation Automate remediation of alerts due to exceeding defined thresholds e.g. trigger scripts to address low disk space alerts.

Cross Platform Support Includes the variety of client devices and operating systems supported by the solution.

Port and Device Control Includes USB encryption and endpoint data loss prevention.

System Hardening Automated vulnerability patching and vulnerability assessment.

Application Containment Mechanisms Includes cloud based protection, sandboxing, and local containerization.

Vendor Capability Ratings Average rating of all vendor capabilities, some of which may not be shown below

Product Strategy and Rate of Improvement Vendors who don't stay on top of emerging needs and trends won't enable you to meet your business goals. Use this data to separate innovators from imposters.

Breadth of Features Users prefer feature rich software that enables them to perform diverse series of tasks. This data expresses user satisfaction with the product's breadth of features.

Vendor Support The importance of vendor support will vary for each organization depending on internal capabilities, but there will always be issues that only the vendor can resolve.

Quality of Features Feature quality is just as important as quantity. Use this data to determine if this product will do what you're purchasing it to do, easily, intuitively, reliably, and effectively.

Ease of Data Integration Use this data to determine whether the product will cause headaches or make data integration easy.

Business Value Created Software needs to create value for employees, customers, partners, and, ultimately, shareholders. This data expresses user satisfaction - or lack thereof - with the product's business value.

Ease of IT Administration This data indicates whether IT personnel will be able to resolve issues and perform configurations efficiently and effectively.

Availability and Quality of Training Effective and readily available training enables users to get the most out of the software you've chosen. Use this section to make sure your vendor's training programs and materials measure up.

Ease of Customization Don't get bogged down in a difficult customization; use this data to make sure you can easily achieve the functionality you need for your particular situation.

Ease of Implementation Successfully implementing new software is necessary to realize its full value and promote end user adoption. This data indicates whether or not the product is easy to implement.

Usability and Intuitiveness End user learning curves cost the organization money. Pay attention to your end users' technical ability to determine how important UX is in your purchase.

Also Featured in...

Endpoint Detection & Response

Carbon Black EDR Reviews

Thijs W.

Broad feature set with challenging implementation

Likeliness to Recommend

Pros

Cons

Sunil K.

EDR Platform with powerful threat visibility

Likeliness to Recommend

Pros

MAHANTESH S H.

Cardon black EDR for enterprise security

Likeliness to Recommend

Pros

Schedule Your Call

Feature Ratings

Mac OS support

Cross Platform Integration

Kernel Monitoring

Host NGFW Functionality

Centralized Management Portal

Ransomware Recovery and Removal

Automated Remediation

Cross Platform Support

Port and Device Control

System Hardening

Application Containment Mechanisms

Vendor Capability Ratings

Product Strategy and Rate of Improvement

Breadth of Features

Vendor Support

Quality of Features

Ease of Data Integration

Business Value Created

Ease of IT Administration

Availability and Quality of Training

Ease of Customization

Ease of Implementation

Usability and Intuitiveness