We performed a comparison between Elastic Security and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Enables monitoring of application performance and the ability to predict behaviors."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"The stability of the solution is good."
"ELK documentation is very good, so never needed to contact technical support."
"The most valuable feature for me is Discover."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The scalability is good. It can be scaled easily in the production environment."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"Their technical support responds quickly and is knowledgeable."
"The product's initial setup phase was not at all difficult."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network."
"I would like more ways to manage permissions and restrict access to certain users."
"Email notification should be done the same way as Logentries does it."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"If you compare this with CrowdStrike or Carbon Black, they can improve."
"It is difficult to anticipate and understand the space utilization, so more clarity there would be great."
"The solution could offer better reporting features."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"Upgrades are currently released as stacks when they should be a plugin or an extension to save removal and reinstallation."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"Technical support could be improved."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"Security needs improvement."
Elastic Security is ranked 5th in Log Management with 58 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Elastic Security is rated 7.6, while NetWitness Platform is rated 7.4. The top reviewer of Elastic Security writes "Customizable with great dashboards but the premium support is poor". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar and Cisco Secure Network Analytics. See our Elastic Security vs. NetWitness Platform report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.