We performed a comparison between Cynet and NetWitness XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cynet offers strong ransomware protection and an intuitive interface. NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Cynet needs to expand device support and add customization options. Users suggest improving network monitoring and strengthening integration with other tools. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine.
Service and Support: Cynet's customer service is consistently lauded for its excellence. They have a dedicated support team that is available round the clock, and they also have a contingency plan for urgent incidents. NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours.
Ease of Deployment: Cynet’s setup is highly efficient, with the ability to configure thousands of devices quickly. Some users found the initial setup of NetWitness uncomplicated, but others faced challenges.
Pricing: Customers generally think Cynet's is affordable and a good value for its features. The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support.
ROI: Cynet yields an excellent ROI by preventing cyberattacks and safeguarding sensitive data. NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics.
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"I like that you can implement it in the managed service portfolio."
"I like that it is possible to use the solution to check more information about the users' devices."
"We are protecting all our workstations."
"The product has valuable front-end features."
"This solution requires less management and is very easy to use."
"The initial setup is simple and user-friendly."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"It is quite stable. I would rate the stability of the solution a nine out of ten."
"The stability of the RSA NetWitness Endpoint is very good."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"This solution allows us to locate the malware in real-time."
"The log correlation is good."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Sometimes, configurations take much longer than expected."
"The data recovery and backup could be improved."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"A support center in Asia is needed."
"We'd like something that makes it easier to manage specific points."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"There is room for improvement in terms of support. The support should be faster to respond."
"The reporting is a little weak and could be improved. The other downside is that Cynet does not use the local time zone. It's based off of Greenwich Mean Time."
"Sometimes, it is necessary for me to make important changes to a hard drive of a computer, and because Cynet does not allow me to do that, I have to go to the console and remove the computer from the security group just for Cynet. After that, I have to wait for 10 or 15 minutes for that to take effect. I would like to be able to disable Cynet locally. I shouldn’t have to go to the console to find the PC and then take it out of the group and then add it again to the group. I should locally be able to disable Cynet on a computer with a password or something like that, but it is currently not possible."
"Cynet fails to deploy the same technology in mobile devices."
"Automation could be improved, and orchestration could be added to the features."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution lacks a reporting engine."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"Threat detection could be better."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
Cynet is ranked 15th in Endpoint Protection Platform (EPP) with 35 reviews while NetWitness XDR is ranked 40th in Endpoint Protection Platform (EPP) with 15 reviews. Cynet is rated 8.8, while NetWitness XDR is rated 8.0. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, ESET Endpoint Protection Platform and Cortex XDR by Palo Alto Networks, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our Cynet vs. NetWitness XDR report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Network Detection and Response (NDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.