Deep Instinct Prevention Platform vs NetWitness XDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Deep Instinct Prevention Platform and NetWitness XDR based on real PeerSpot user reviews.

Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Deep Instinct Prevention Platform vs. NetWitness XDR Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution was relatively easy to deploy.""Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution.""Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance.""Fortinet has helped free up around 20 percent of our staff's time to help us out.""Ability to get forensics details and also memory exfiltration.""This is stable and scalable.""Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great.""The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"

More Fortinet FortiEDR Pros →

"Deep Instinct complements the solutions we already have. You don't need to rip and replace any antivirus or endpoint that you have. It's easy to use and it's easy to have it side-by-side with other solutions. That makes it really easy to have an additional level of protection, rather than to hassle with doing solution migration.""Deep Instinct was a strategic complement to our Open XDR platform.""The product offers integration capabilities and is also easy to use.""The most valuable feature is its ability to detect and eradicate ransomware using non-signature-based methods.""Stability-wise, I rate the solution a ten out of ten.""The most valuable features are the static/dynamic analyses. Deep Instinct's predictive model has very high accuracy and provides threat information for unknown malware, such as malware classification, static analysis information, and sandbox information.""It has the lowest false-positive ratio that I have come across. I have only had one which was a legitimate file that I had to whitelist. It was for one of the applications I was trying to install and integrate. But the false positive ratio is very low.""The CPU consumption is low compared to what I have been using in my current environment, which is Sophos. The footprint is a lot smaller, about a quarter of Sophos. It is very small."

More Deep Instinct Prevention Platform Pros →

"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""Ability to isolate the machine when there are malicious files.""It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great.""Technical support is knowledgeable.""The log correlation is good."

More NetWitness XDR Pros →

Cons
"The solution is not stable.""The support needs improvement.""The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location.""Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR.""They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller.""The only minor concern is occasional interference with desired programs.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.""Detections could be improved."

More Fortinet FortiEDR Cons →

"Due to the nature of deep learning, it’s sometimes difficult to determine why the AI model has blocked a specific file, although this has improved over time.""The interface on the endpoint could be a little more descriptive and more valuable. It doesn't always tell you the data you need to see. Improvement there would be very helpful.""They have a manual, but it is not excessive.""Some features are too resource intensive.""I am looking forward to them adding Linux in Q1 or Q2 of 2019, as this is often requested by my partners and customers. Currently, Deep Instinct only has Windows, Mac, Android, and iOS.""If they can bring some additional, complementary solutions, like network scanning and the like, that will help. If they had some sort of a firewall which could help detect DDoS attacks and other things, it would be an improvement""When things get done automatically, I would appreciate more logging of what's happening in the background... we should be able to backtrack from the log that gets uploaded to our cloud instance and see, forensically, what the root cause was.""I think it's probably the administration, especially the administration platform, which could be improved in the solution. It's clunky and hard to navigate, especially for inexperienced technicians."

More Deep Instinct Prevention Platform Cons →

"I would like to see Security Orchestration and Response Automation (SOAR) integration.""The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution.""The threat intelligence could improve in RSA NetWitness Endpoint.""The solution lacks a reporting engine.""When analyzing something, you have to click several times. It requires a lot of effort to find something.""We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues.""The contamination feature could be improved.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

More NetWitness XDR Cons →

Pricing and Cost Advice
  • "I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service."
  • "There are no issues with the pricing."
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."
  • More Fortinet FortiEDR Pricing and Cost Advice →

  • "If I include the false positive rate and the detection rate in the comparison, Deep Instinct is worth its price."
  • "The pricing is a little bit expensive but we are satisfied with DI's performance."
  • "In comparison to the other products out there, it's exceptionally competitively priced. When you consider the lower administrative overhead that it facilitates, it's an absolute value."
  • "Pricing and licensing are very straightforward. It's two SKUs, one is for the console and the other is for the client."
  • "One thing about their licensing program that I like is that just one covers the server as well as on the endpoint as well as mobile devices. There is no complexity in calculating how many SKUs I need for mobile, for laptop, for desktop, and for servers. It's very simple and that makes it much easier to budget."
  • "We are a nonprofit. The MSP had provides pretty decent nonprofit rates for us. This was one of the key factors that made us choose Deep Instinct over its competitors who were significantly more expensive."
  • "Its pricing is too high, but that is not because of the product. It is expensive because of the cost of the console. You need a console to control the whole thing, but the console is expensive. You have to split this cost among all possible users. Normally, to be able to make it economically attractive, you need at least 1,000 agents, PCs, or users. If you have a customer with 300 to 500 agents, PCs, or users, it becomes too pricey."
  • "Their pricing is very competitive. It is good, fair, and a lot cheaper than what we were doing with Cylance."
  • More Deep Instinct Prevention Platform Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • More NetWitness XDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EPP (Endpoint Protection for Business) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    Top Answer:The product's initial setup phase is very easy.
    Top Answer:Fortinet FortiEDR is available at a very competitive price compared to the other products in the market. Customers also… more »
    Top Answer:The product offers integration capabilities and is also easy to use.
    Top Answer:There is a need for customers of the product to pay towards the licensing costs of the tool.
    Top Answer:The solution's stability is good. If the tool was able to provide fine-tuning capabilities from the product's end… more »
    Top Answer:Technical support is knowledgeable.
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Comparisons
    Also Known As
    enSilo, FortiEDR
    RSA ECAT, NetWitness Network
    Learn More
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    Deep Instinct PREVENTS >99% of UNKNOWN threats like ransomware and zero-days before they land inside your environment – not after. With both an agentless and agent-based approach, we ensure file-based and fileless attacks are prevented. To achieve this, Deep Instinct is pioneering the use of deep learning AI to prevent threats in <20ms, without requiring calls to the cloud for threat intelligence. Our ability to scale to the needs of the enterprise is unprecedented as is our delivery of the industry’s lowest false positive rate of <0.1%.

    The Deep Instinct Prevention Platform combines industry-leading static analysis based on the only deep learning framework dedicated to cybersecurity and includes two solutions:

    • Deep Instinct Prevention for Applications is a flexible, containerized and highly scalable solution, deployed via API or ICAP, to scan million so files per day and prevent malicious files from entering storage environments.
    • Deep Instinct for Endpoints complements EDR solutions by preventing threats pre-execution, minimizing false positives, improving the productivity of SOC teams, and increasing the efficiency of the security stack.

    To learn more, visit: https://www.deepinstinct.com.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Information Not Available
    ADP, Ameritas, Partners Healthcare
    Top Industries
    REVIEWERS
    Financial Services Firm21%
    Manufacturing Company11%
    Comms Service Provider11%
    Hospitality Company5%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government8%
    Manufacturing Company8%
    Financial Services Firm8%
    REVIEWERS
    Computer Software Company25%
    Government25%
    Retailer13%
    Non Profit13%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm11%
    Manufacturing Company8%
    Government7%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise16%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business50%
    Midsize Enterprise22%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise17%
    Large Enterprise52%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise68%
    Buyer's Guide
    Deep Instinct Prevention Platform vs. NetWitness XDR
    March 2024
    Find out what your peers are saying about Deep Instinct Prevention Platform vs. NetWitness XDR and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Deep Instinct Prevention Platform is ranked 20th in EPP (Endpoint Protection for Business) with 18 reviews while NetWitness XDR is ranked 41st in EPP (Endpoint Protection for Business) with 15 reviews. Deep Instinct Prevention Platform is rated 8.6, while NetWitness XDR is rated 8.0. The top reviewer of Deep Instinct Prevention Platform writes "Bolsters prevention with great detection and response capabilities". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Deep Instinct Prevention Platform is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, CylancePROTECT and Cisco Secure Endpoint, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete. See our Deep Instinct Prevention Platform vs. NetWitness XDR report.

    See our list of best EPP (Endpoint Protection for Business) vendors.

    We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.