We performed a comparison between Microsoft Defender for Office 365 and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Email Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"The deployment capability is a great feature."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"Since we have started using the solution, there have been fewer compromises."
"The initial setup was easy."
"Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors."
"There are several features that I consider valuable."
"The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint."
"The most valuable features are the threat prediction and network forensics."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The newer 11.5 version that my team is using has found it to have good mapping."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable feature is the hunting ability to work in a CERT."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"The UI needs to be more user-friendly."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"There is room for improvement in terms of reporting."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"Its technical support could be better."
"The product's licensing models are complex to understand. This particular area needs improvement."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The solution should have more integration capabilities with different platforms."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Microsoft Defender for Office 365 is ranked 1st in Email Security with 41 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Microsoft Defender for Office 365 is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Barracuda Email Security Gateway and Cisco Secure Email, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics. See our Microsoft Defender for Office 365 vs. NetWitness Platform report.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.