We performed a comparison between Cybereason Endpoint Detection & Response and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Forensics is a valuable feature of Fortinet FortiEDR."
"The product's initial setup phase is very easy."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The most valuable feature is the analysis, because of the beta structure."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"For me, the technical support is good."
"The dashboard is very good and you can consider it as an interactive UI."
"The interface is user-friendly."
"The initial setup was easy and straightforward."
"The initial setup is not overly complicated."
"The solution is efficient."
"The product's initial setup phase was not at all difficult."
"The most valuable feature is the hunting ability to work in a CERT."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"Incident management is its most valuable feature."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable features are the integration and ease of use."
"The most valuable features are the packet inspection and the automated incident response."
"Detections could be improved."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"We find the solution to be a bit expensive."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The only minor concern is occasional interference with desired programs."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The product's reporting isn't great."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"It initially took some time to deploy."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"Cybereason does not have sandbox functionality."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"I feel that the product lacks reporting features and needs improvement."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"More customizability is required, which is something that they need to improve on."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
Cybereason Endpoint Detection & Response is ranked 37th in Endpoint Detection and Response (EDR) with 19 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Cybereason Endpoint Detection & Response is rated 8.0, while NetWitness Platform is rated 7.4. The top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.