We performed a comparison between Microsoft Defender for Office 365 and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Email Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"Microsoft Defender for Office 365 is a stable solution."
"The technical support is good and quick to resolve issues."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"Incident management is its most valuable feature."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The solution is really scalable for the high-end power, enterprise customer."
"The newer 11.5 version that my team is using has found it to have good mapping."
"The most valuable feature is the security that it provides."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"Microsoft Defender for Office 365 should be more proactive."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"The product must provide better malware detection."
"You should be able to deploy Defender for every subscription without the need to add servers."
"Configuration requires going to a lot of places rather than just accessing one tab."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"Health monitoring of the event sources and devices."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The initial setup is complex. There are other solutions that are easier to implement."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"Security needs improvement."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Microsoft Defender for Office 365 is ranked 1st in Email Security with 41 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Microsoft Defender for Office 365 is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Cisco Secure Email and Barracuda Email Security Gateway, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Microsoft Defender for Office 365 vs. NetWitness Platform report.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
