We performed a comparison between Elastic Security and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"Stability-wise, I rate the solution a ten out of ten."
"The solution is quite stable. The performance has been good."
"The most valuable feature for me is Discover."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"The feature that we have found the most valuable is scalability."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"NetWitness can be highly beneficial for incident detection and response."
"It's quite economical compared to other solutions in the market."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable features of RSA NetWitness Logs and Packets are the alerts and correlation tools."
"Incident management is its most valuable feature."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The solution could offer better reporting features."
"There is an area of improvement in the Logs list. The load list may need to be paginated as there are limits."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"Security needs improvement."
"Its technical support could be better."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"An area for improvement would be better automation and more inbuilt use cases."
"The initial setup is complex. There are other solutions that are easier to implement."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
Elastic Security is ranked 5th in Log Management with 59 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Elastic Security is rated 7.6, while NetWitness Platform is rated 7.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar and Cisco Secure Network Analytics.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.