The Total Economic Impact™ Of Carbon Black App Control

Cost Savings And Business Benefits Enabled By App Control

A Forrester Total Economic Impact Study Commissioned By Carbon Black, February 2024

As security threats and malware have evolved, so has the need for technologies to combat them. Organizations can’t afford the loss of productivity caused by unscheduled downtime or performance degradation associated with a security breach, nor can they afford the loss of reputation and subsequent costs. Given this rapidly evolving threat landscape, organizations are searching for security that works.

Carbon Black App Control leverages a positive security model allowing only trusted software to run. It can be deployed on-premises or on private and public clouds. It is effective in specialized use cases, such as end-of-life operating systems (EOL OS), protecting critical systems, and securing fixed function devices and air-gapped systems. 

Carbon Black App Control continuously protects against cyberthreats that evade traditional security defenses by employing a positive security model, which enables a default/deny security posture. App Control does not rely on a library or list of files to maintain, which can easily become outdated. Instead, it employs multiple approval methods, including IT- and cloud-driven trust, trusted publishers, custom rules, and validated external sources.

Carbon Black commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Carbon Black App Control.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of App Control on their organizations.

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four representatives with experience using App Control. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization that is a mission-critical financial services or government organization of 6,000 employees and a revenue of more than $500 million per year with high security risk.

Interviewees said that prior to using App Control, their organizations experienced malware and ransomware incidents, had a great deal of unknown and unauthorized software running in their environments, experienced version control issues, and did not have any solutions that could provide allow-listing and deny-listing.

After the investment in App Control, the interviewees had greater knowledge of the software running in their organizations’ environments and were able to implement security controls down to the file and kernel levels. Interviewees appreciated App Control’s ease of use, its positive security model that provided granular policies to guard against zero-day threats, and its effective monitoring of their organizations’ endpoints. Some interview participants said their organizations had not experienced any security incidents after deploying App Control in high enforcement.

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

  • Increased productivity resulting from reduction in time spent on reimaging machines, worth a risk-adjusted $1.3 million over three years. With App Control’s functionality, the composite organization saves 1,500 hours annually from end-user support, diagnosis, and reimaging machines.
  • Increased productivity by reducing time addressing malware, worth a risk-adjusted $207,000 over three years. App Control drives the savings of 2.25 hours for each of the approximately 500 average malware incidents for the composite organization.
  • Increased productivity resulting from effort saved in conducting extensive investigations to identify sources of security problems, worth a risk-adjusted $117,000 over three years. The composite saves effort from conducting deep-dive investigations and root-cause analyses identifying sources of security issues because of App Control, amounting to 140 hours in Year 1, 126 hours in Year 2, and 113 hours in Year 3.

Unquantified benefits. Benefits that provide value for the interviewees’ organizations but are not quantified for this study include:

  • Risk management guesswork reduction. Interviewees touted that they saved time from taking guesswork out of risk management by two-thirds.
  • Meeting compliance mandates. The interviewees noted their organizations increased their ability to meet compliance mandates.
  • Ease of use. Forrester learned from interview participants that App Control is easy to use.

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

  • App Control server and desktop licenses. The composite organization pays risk-adjusted license fees of $234,000 for Carbon Black App Control over three years.
  • Carbon Black professional services fees. The composite organization incurs a risk-adjusted $298,000 for professional services over the initial two years to configure App Control, with most of these costs occurring in Year 1.

The representative interviews and financial analysis found that a composite organization experiences benefits of $1.63 million over three years versus costs of $532,000, adding up to a net present value (NPV) of $1.10 million and an ROI of 207%.

“Think about the productivity being lost from that employee. We’re having to wait for the machine to be reimaged, then having to wait to get any prior applications installed, reinstalled so they can get back to the state they were. And then also the possibility of any data that was work-related on the machines is now lost because we had to reimage. So I would estimate that it’s probably saved us in the tens of thousands just over time, if we’re putting a dollar sign on time.”

Cybersecurity analyst, government

Key Statistics

  • Return on investment (ROI)
  • Benefits PV
  • Net present value (NPV)
  • 7 months

Benefits (Three-Year)

  • Increased productivity resulting from reduction in time spent reimaging machines
  • Increased productivity by reducing time addressing malware
  • Increased productivity resulting from effort saved in conducting extensive investigations to identify sources of security problems

TEI Framework And Methodology

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in App Control.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that App Control can have on an organization.

  1. Due Diligence

    Interviewed Carbon Black stakeholders and Forrester analysts to gather data relative to App Control.

  2. Interviews

    Interviewed four representatives at organizations using App Control to obtain data about costs, benefits, and risks.

  3. Composite Organization

    Designed a composite organization based on characteristics of the interviewees’ organizations.

  4. Financial Model Framework

    Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.

  5. Case Study

    Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.


Readers should be aware of the following:

This study is commissioned by Carbon Black and delivered by Forrester Consulting. It is not meant to be used as a competitive analysis.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in App Control.

Carbon Black reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Carbon Black provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Roger Nauth
