We performed a comparison between Darktrace and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One thing I appreciate is Antigena Email, which is for email protection."
"Technical support is helpful and responsive."
"It's a very stable product."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"The active threat dashboard is the most valuable feature of this solution."
"I am impressed with the product's ability to give insights into network traffic."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"The interface of this solution is very flexible and easy to use."
"It is stable. We have been using it for some time, without any issues."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The stability of the RSA NetWitness Endpoint is very good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"This solution allows us to locate the malware in real-time."
"The log correlation is good."
"I think there is some MSSP missing."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"The solution could be easier to use."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"The price point for the product was too high for what our possible use case could be."
"Upper management wasn't sold on the value proposition."
"We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The initial setup requires a high level of skill."
"The contamination feature could be improved."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
Darktrace is ranked 1st in Network Detection and Response (NDR) with 65 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Darktrace is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas NetWitness XDR is most compared with ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Vectra AI. See our Darktrace vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.