SentinelOne vs Carbon Black

01 September 2020 | ITHQ Tech Team


SentinelOne or Carbon Black?

SentinelOne is now a Leader on Gartner's Magic Quadrant whereas Carbon Black retains its Visionary status. This could be because Carbon Black is more of a NGAV platform, whereas SentinelOne delivers a full EPP.

This was highlighted in the recent MITRE ATT&CK APT 29 report, where Carbon Black missed 48 detections with SentinelOne only missing 9 (the lowest number of misses across all platforms tested).

If you're looking for a next generation endpoint protection solution and these two are on your long list, here's a direct comparison page to help.


Endpoint Protection: Key considerations

  • Is it easy to deploy and manage?
  • Is it dependent on cloud command and control for detection and response?
  • How effective has it been against zero-day attacks?
  • Do you have feature parity across Windows, Mac and Linux?
  • How does it perform in real world test scenarios?
  • What do other customers say about it?


Comparison of Business Benefits and Features

  carbon black logo SentinelOne logo
Business Benefits
Autonomous Protection and Response Partial Yes
Fast Recovery
Partial / Manual Can be automated or 1-click
OS freedom (Windows / Mac / Linux feature parity)
No feature parity Yes
Fewer alerts with more context
ThreatSight dependent Yes
Threat hunting
Yes Yes - full storyline
API integration
No - unconsolidated APIs across components Yes
On-device AI
On-device behavioural AI
Exploit protection Partial - cloud dependent Yes + context
Lateral movement Partial - cloud dependent Yes + context
Remediation Partial - requries scripting Automated
Rollback No
Integrated threat feeds Yes
Remote shell Yes - but limited command set Yes
Device control Windows & USB only
Firewall control No
Bluetooth control No
Threat hunting
Yes - full storyline
Deep visibility No


Book my SentinelOne Demo I want to see complete XDR in action


Industry and Peer Reviews

Gartner Peer Insights


carbon black logo

VMware Carbon Black  EDR

SentinelOne logo

SentinelOne Endpoint Protection Platform by SentinelOne


Gartner Peer Insights Carbon Black vs SentinelOne



Gartner Magic Quadrant for Endpoint Protection Platforms

May 2021 - full report here



Independent Testing

carbon black logo


Scored good results in

Mitre no background

APT29 2020

Scored record results:

 - Least missed detections

 - Most high-quality detections

 - Most correlated   detections
Top ROI score 2019
NSS labs Top ROI score and Recommended rating 2019
Unknown VB100virus 100% block rate across   Windows testing
Approved for Windows 10 1 Approved for Windows and MacOS
Unknown 2 In top 10 vendors



All prices calculated at per endpoint per month, for comparison purposes.

Pricing is 'starting from' and based on list pricing. It can be subject to change, volume discounts etc.

Correct at September 2020

Contact us for accurate pricing based on your specific requirements


SentinelOne logo

 Minimum purchase - 5 endpoints - only through ITHQ

Payment can be billed monthly - only through ITHQ

To achieve these prices below, minimum purchase 100 endpoints, billed annually.

Quote always required for accurate pricing

Core Control Complete
$4.16 $4.90 $9.00
Includes full advanced EDR
All Core features plus device, firewall and bluetooth control
All Control features plus threat hunting and deep visibility


carbon black logo

Minimum purchase - 100 endpoints

Payment always billed annually

Standard Advanced Enterprise
Includes NGAV and behavioural EDR only All Standard features plus audit & remediation
All Advanced features plus threat hunting & incident response


Get my copy Forrester: SentinelOne TEI report shows 353% ROI