We performed a comparison between Elastic Security and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Elastic is straightforward, easy to integrate, and highly customizable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The most valuable feature is the ability to collect authentication information from service providers."
"Its flexibility is most valuable. We can have a number of scenarios, and we can get logs from anything. If we know how to use Logstash, we can tweak it in many ways. This makes the logging search on Elastic very easy."
"The most valuable feature for me is Discover."
"It can handle millions of loads at a time, and you can always use the filters to find exactly what you are looking for and detect errors in every log message you are searching for, basically."
"The performance is good and it is faster than IBM QRadar."
"The visualization is very good."
"The solution is really scalable for the high-end power, enterprise customer."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable feature is the security that it provides."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"It's quite economical compared to other solutions in the market."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"They don't provide user authentication and authorisation features (Shield) as a part of their open-source version."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"The biggest challenge has been related to the implementation."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Technical support could respond faster."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"Sometimes, the solution isn't the easiest to use."
"Security needs improvement."
"The tool's integration capability isn't so great."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"More customizability is required, which is something that they need to improve on."
"It is not so easy to customize this product."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
Elastic Security is ranked 5th in Log Management with 59 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Elastic Security is rated 7.6, while NetWitness Platform is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar and Cisco Secure Network Analytics. See our Elastic Security vs. NetWitness Platform report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.