Carbon Black EDR

Endpoint detection & response (EDR) software

Endpoint protection software

Features
Ease of use
Ease of management
Quality of support
Affordability
Market presence

Take the quiz to check if Carbon Black EDR and its alternatives fit your requirements.

Get started

Pricing from

Contact the product provider

Free Trial unavailable

Free version unavailable

User corporate size

Small

Medium

Large

User industry

Manufacturing
Healthcare and life sciences
Information technology and software

What is Carbon Black EDR

Carbon Black EDR is an endpoint detection and response platform that collects endpoint telemetry and provides threat hunting, detection, and incident response workflows. It is used by security operations teams to investigate suspicious activity, contain endpoints, and support forensic analysis across Windows, macOS, and Linux environments. The product emphasizes continuous endpoint visibility and query-based hunting over historical event data, typically deployed in organizations that need analyst-driven investigations and response.

Deep endpoint telemetry retention

The product captures detailed endpoint activity (process, file, network, and user context) to support investigations and retrospective analysis. This depth is useful for threat hunting and for reconstructing attack timelines. It aligns well with teams that need endpoint-centric forensics rather than only alert-driven triage.

Threat hunting and querying

Carbon Black EDR supports analyst-led hunting using queries over collected endpoint data. This enables proactive discovery of suspicious patterns that may not trigger standard detections. It is particularly valuable for mature SOCs that maintain hypotheses, playbooks, and custom detection logic.

Endpoint containment capabilities

The platform includes response actions that help limit attacker movement from an affected endpoint. These controls support incident response workflows by allowing analysts to take action without waiting for separate endpoint management tools. This can reduce time-to-containment during active investigations.

Operational complexity for small teams

The product’s value depends heavily on ongoing tuning, hunting, and analyst workflows. Organizations without dedicated security operations staff may struggle to operationalize it effectively. Teams looking for a more turnkey, managed experience may find the day-to-day overhead higher than expected.

EDR-first, broader platform gaps

Carbon Black EDR focuses on endpoint telemetry, investigation, and response rather than providing an all-in-one security operations platform. Buyers may still need separate tools for areas such as broader log/SIEM coverage, unified case management across sources, or extended cloud posture controls. This can increase integration and licensing complexity in multi-tool environments.

Licensing and packaging variability

Carbon Black capabilities are commonly packaged across multiple endpoint security offerings, which can make it harder to map requirements to the correct edition. Feature availability can vary by contract and bundle. This can complicate procurement comparisons and long-term cost forecasting.

Seller details

Broadcom Inc.

Palo Alto, California, USA

1961

Public

https://www.broadcom.com/

https://x.com/Broadcom

https://www.linkedin.com/company/broadcom/

Tools by Broadcom Inc.

VMware Integrated OpenStack

›

Layer7 API Management

›

Layer7 API Gateway

›

Layer7 API Developer Portal

›

Clarity Design System

Broadcom Service Virtualization

›

CA RFID Asset Management

›

Clarity

›

VMware Cloud Foundation

›

VMware Cloud Director

›

VMware Cloud on AWS

›

VMware vSphere Foundation

›

DX Unified Infrastructure Management

›

Best Carbon Black EDR alternatives

SentinelOne Singularity Endpoint

›

Bitdefender GravityZone

›

See all alternatives

›

Generative AI & LLM	AI code generation software AI image generators software AI video generators AI writing assistants Large language models (LLMs) software
Agents, autonomous & workflow automation	AI chatbots software AI customer support agents software Bot platforms software General-purpose AI agents
Vertical AI	Data science and machine learning platforms Machine learning software
Sales	CPQ software CRM software E-signature software Sales enablement software
Marketing	Email marketing software Marketing automation software SEO tools Social media management tools
Security	Antivirus software Firewall software Identity and access management (IAM) software
Analytics	Analytics platforms Data visualization tools
Collaboration & productivity	Collaborative whiteboard software Video conferencing software
Commerce	E-commerce platforms Payment processing software
Content management	Document management software Knowledge base software Website builder software
Customer service	Customer service automation software Customer success software Help desk software Live chat software
Development	Cloud platform as a service (PaaS) software
ERP	Accounting software ERP systems Expense management software Project management software
HR	Applicant tracking systems (ATS) Payroll software Time tracking software
IT infrastructure	Data warehouse solutions ETL tools Infrastructure as a service (IaaS) providers iPaaS software
IT management	Business process management software Robotic process automation (RPA) software Workflow management software

Carbon Black EDR

What is Carbon Black EDR

Deep endpoint telemetry retention

Threat hunting and querying

Endpoint containment capabilities

Operational complexity for small teams

EDR-first, broader platform gaps

Licensing and packaging variability

Seller details

Tools by Broadcom Inc.

Best Carbon Black EDR alternatives

Popular categories

Generative AI & LLM

Agents, autonomous & workflow automation

Vertical AI

Sales

Marketing

Security

Analytics

Collaboration & productivity

Commerce

Content management

Customer service

Development

ERP

HR

IT infrastructure

IT management