We performed a comparison between CylancePROTECT and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The stability is very good."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Very easy to deploy. It can be done one by one or deployed by customizing an MSI file for GPO push."
"The solution is stable."
"Blackberry Protect offers endpoint protection. It's easy to deploy. It's scalable and stable."
"What I like best about CylancePROTECT is its accuracy, as it doesn't give many false positives."
"It is extremely simple to manage and deploy."
"The most functional item that we use is the process to turn off the false flags that it causes."
"A user can continue to add endpoints and the solution will continue to perform well."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"The stability of the RSA NetWitness Endpoint is very good."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The interface of this solution is very flexible and easy to use."
"This solution allows us to locate the malware in real-time."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"It is stable. We have been using it for some time, without any issues."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The only minor concern is occasional interference with desired programs."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution should address emerging threats like SQL injection."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The company that sells us the licenses sometimes doesn't know how to do certain things."
"The product must make the interface a little more user-friendly."
"The solution’s user interface could be improved."
"The solution needs better dashboards that are easier to use."
"Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."
"rom my experience interacting with the primary or the central administrative console, it's quite complex. You would need a fair bit of technical experience to set it up, implement and maintain it. That would be one area for improvement."
"It's a good solution but some features just need to be updated."
"An area for improvement in CylancePROTECT is its pricing, as it's a bit costly."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The initial setup requires a high level of skill."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
CylancePROTECT is ranked 27th in Endpoint Protection Platform (EPP) with 39 reviews while NetWitness XDR is ranked 40th in Endpoint Protection Platform (EPP) with 15 reviews. CylancePROTECT is rated 8.0, while NetWitness XDR is rated 8.0. The top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". CylancePROTECT is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our CylancePROTECT vs. NetWitness XDR report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.