SentinelOne vs Carbon Black

01 September 2020 | ITHQ Tech Team

 

SentinelOne or Carbon Black?

SentinelOne is now a Leader on Gartner's Magic Quadrant whereas Carbon Black retains its Visionary status. This could be because Carbon Black is more of a NGAV platform, whereas SentinelOne delivers a full EPP.

This was highlighted in the recent MITRE ATT&CK APT 29 report, where Carbon Black missed 48 detections with SentinelOne only missing 9 (the lowest number of misses across all platforms tested).

If you're looking for a next generation endpoint protection solution and these two are on your long list, here's a direct comparison page to help.

 

Endpoint Protection: Key considerations

  • Is it easy to deploy and manage?
  • Is it dependent on cloud command and control for detection and response?
  • How effective has it been against zero-day attacks?
  • Do you have feature parity across Windows, Mac and Linux?
  • How does it perform in real world test scenarios?
  • What do other customers say about it?

 

Comparison of Business Benefits and Features

  carbon black logo SentinelOne logo
Business Benefits
Autonomous Protection and Response Partial Yes
Fast Recovery
Partial / Manual Can be automated or 1-click
OS freedom (Windows / Mac / Linux feature parity)
No feature parity Yes
Fewer alerts with more context
ThreatSight dependent Yes
Threat hunting
Yes Yes - full storyline
API integration
No - unconsolidated APIs across components Yes
     
Features
On-device AI
Yes
Yes
On-device behavioural AI
Yes
Yes
Exploit protection Partial - cloud dependent Yes + context
Lateral movement Partial - cloud dependent Yes + context
Remediation Partial - requries scripting Automated
Rollback No
Automated
Integrated threat feeds Yes
Yes
Remote shell Yes - but limited command set Yes
Device control Windows & USB only
Yes
Firewall control No
Yes
Bluetooth control No
Yes
Threat hunting
Yes
Yes - full storyline
Deep visibility No
Yes

 

Book my SentinelOne Demo I want to see complete XDR in action

 

Industry and Peer Reviews

Gartner Peer Insights

 

carbon black logo

VMware Carbon Black  EDR

SentinelOne logo

SentinelOne Endpoint Protection Platform by SentinelOne

 

Gartner Peer Insights Carbon Black vs SentinelOne

 

 

Gartner Magic Quadrant for Endpoint Protection Platforms

May 2021 - full report here

GMQ_21_leaders_S1

 

Independent Testing

carbon black logo

TESTING BODY

Vector_PRM
Scored good results in

Mitre no background

APT29 2020

Scored record results:

 - Least missed detections

 - Most high-quality detections

 - Most correlated   detections
Top ROI score 2019
NSS labs Top ROI score and Recommended rating 2019
Unknown VB100virus 100% block rate across   Windows testing
Approved for Windows 10 1 Approved for Windows and MacOS
Unknown 2 In top 10 vendors

 

Pricing

All prices calculated at per endpoint per month, for comparison purposes.

Pricing is 'starting from' and based on list pricing. It can be subject to change, volume discounts etc.

Correct at September 2020

Contact us for accurate pricing based on your specific requirements

 

SentinelOne logo

 Minimum purchase - 5 endpoints - only through ITHQ

Payment can be billed monthly - only through ITHQ

To achieve these prices below, minimum purchase 100 endpoints, billed annually.

Quote always required for accurate pricing

Core Control Complete
$4.16 $4.90 $9.00
Includes full advanced EDR
All Core features plus device, firewall and bluetooth control
All Control features plus threat hunting and deep visibility

 

carbon black logo

Minimum purchase - 100 endpoints

Payment always billed annually

Standard Advanced Enterprise
$2.50
$7.10
$11.70
Includes NGAV and behavioural EDR only All Standard features plus audit & remediation
All Advanced features plus threat hunting & incident response

 

Get my copy Forrester: SentinelOne TEI report shows 353% ROI