We performed a comparison between Fidelis Elevate and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I have found the ability to delete unwanted threats beneficial."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"It has great stability."
"The threat intelligence is excellent."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies."
"The solution's technical support is perfect, so I rate the technical support a ten out of ten"
"It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM."
"It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly"
"Compared to similar solutions, it's quite scalable. You just need to add more storage to scale-up."
"There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs."
"After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours."
"The initial setup is very straightforward. The deployment of the server doesn't take so long; about a day or two max."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"Ability to isolate the machine when there are malicious files."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The log correlation is good."
"The interface of this solution is very flexible and easy to use."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"The stability of the RSA NetWitness Endpoint is very good."
"Technical support is knowledgeable."
"Sometimes, configurations take much longer than expected."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"We should be able to use the product on devices like Apple, Linux, etc."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The reports in the endpoint area of Elevate can be improved."
"There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial."
"I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls."
"Configuration, in terms of building the collector and communicating with endpoints, is complex."
"The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface."
"Fidelis Endpoint is an expensive product making it one of its shortcomings that needs improvement."
"We position the solution as an antivirus, but this part of the solution needs improvement. They need to generally enhance the features that they have, rather than adding anything new."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The solution lacks a reporting engine."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The initial setup requires a high level of skill."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
Fidelis Elevate is ranked 21st in Extended Detection and Response (XDR) with 7 reviews while NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews. Fidelis Elevate is rated 8.4, while NetWitness XDR is rated 8.0. The top reviewer of Fidelis Elevate writes "Advanced threat detection capabilities with comprehensive incident response features providing robust cybersecurity for organizations". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Fidelis Elevate is most compared with Microsoft Defender for Endpoint, VMware Carbon Black Cloud, CrowdStrike Falcon, Symantec Endpoint Detection and Response and Cortex XDR by Palo Alto Networks, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Trend Vision One Endpoint Security. See our Fidelis Elevate vs. NetWitness XDR report.
See our list of best Extended Detection and Response (XDR) vendors, best Endpoint Detection and Response (EDR) vendors, and best Network Detection and Response (NDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
