• Home
  • Microsoft Defender for Office 365 vs. NetWitness Platform

Microsoft Defender for Office 365 vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender for Office 365

Read 41 Microsoft Defender for Office 365 reviews
12,858 views|10,247 comparisons
97% willing to recommend
NetWitness Logo

NetWitness Platform

Read 36 NetWitness Platform reviews
1,183 views|721 comparisons
74% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Microsoft Defender for Office 365 vs. NetWitness Platform
September 2022
Executive Summary

We performed a comparison between Microsoft Defender for Office 365 and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two Email Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender for Office 365 vs. NetWitness Platform Report (Updated: September 2022).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Nagendra Nekkala.
The automated attack disruption works well if you have a strong policy configuration
365 Defender has improved our security across multiple categories. It's effective against advanced attacks like phishing and ransomware. Defender's... Read more →
Salah Sabouni
Provides comprehensive network visibility, and has available helpful support
Prior to implementing the solution, the customers had no visibility of their assets. However, after adopting the solution, they have gained... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks.""The deployment capability is a great feature.""The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple.""Since we have started using the solution, there have been fewer compromises.""The initial setup was easy.""Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors.""There are several features that I consider valuable.""The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint."

More Microsoft Defender for Office 365 Pros →

"The most valuable features are the threat prediction and network forensics.""The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs.""Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.""It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.""The product has a user-friendly interface and a valuable feature for threat intelligence integration.""The newer 11.5 version that my team is using has found it to have good mapping.""The most valuable features are the packet inspection and the automated incident response.""The most valuable feature is the hunting ability to work in a CERT."

More NetWitness Platform Pros →

Cons
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help.""Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization.""About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting.""There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types.""The UI needs to be more user-friendly.""We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice.""They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not.""There is room for improvement in terms of reporting."

More Microsoft Defender for Office 365 Cons →

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine.""The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too.""The multi-tenant capabilities are lagging compared to IBM QRadar.""The initial setup was complex because it takes a lot of time to complete the implementation.""Its technical support could be better.""The product's licensing models are complex to understand. This particular area needs improvement.""It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform.""The solution should have more integration capabilities with different platforms."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • "The solution saves money so we have seen a return on investment."
  • "Defender for 365 comes in various plans and licenses, along with other Microsoft security solutions. Purchasing this kind of package or security bundle gives good value for money, and that's what I recommend."

    • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."

    • More NetWitness Platform Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Email Security solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about Microsoft Defender for Office 365?
    Top Answer:Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the… more »
    Read all 32 answers   →
    What is your experience regarding pricing and costs for Microsoft Defende...
    Top Answer:The tool's pricing is reasonable.
    Read all 26 answers   →
    What needs improvement with Microsoft Defender for Office 365?
    Top Answer:The product must provide better malware detection. The detection algorithms don't perform the way I hope they would.
    Read all 27 answers   →
    What do you like most about NetWitness Platform?
    Top Answer:The product's initial setup phase was not at all difficult.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for NetWitness Platform?
    Top Answer:The product price was reasonable for my region and the market.
    Read all 16 answers   →
    What needs improvement with NetWitness Platform?
    Top Answer:From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building a… more »
    Read all 25 answers   →
    Ranking
    1st
    out of 107 in Email Security
    Views
    12,858
    Comparisons
    10,247
    Reviews
    28
    Average Words per Review
    653
    Rating
    8.4
    20th
    out of 95 in Log Management
    Views
    1,183
    Comparisons
    721
    Reviews
    10
    Average Words per Review
    458
    Rating
    7.2
    Comparisons
    Also Known As
    MS Defender for Office 365
    RSA Security Analytics
    Learn More
    Microsoft
    NetWitness
    Video Not Available
    Overview

    Microsoft Defender for Office 365 is a comprehensive security solution designed to protect organizations against advanced threats in their email, collaboration, and productivity environments. It combines the power of Microsoft's threat intelligence, machine learning, and behavioral analytics to provide real-time protection against phishing, malware, ransomware, and other malicious attacks.

    With Microsoft Defender for Office 365, organizations can safeguard their email communication by detecting and blocking malicious links, attachments, and unsafe email content. It employs advanced anti-phishing capabilities to identify and prevent sophisticated phishing attacks that attempt to steal sensitive information or compromise user credentials.

    This solution also offers robust protection against malware and ransomware. It leverages machine learning algorithms to analyze email attachments and URLs in real-time, identifying and blocking malicious content before it reaches users' inboxes. Additionally, it provides advanced threat-hunting capabilities, allowing security teams to proactively investigate and respond to potential threats.

    Microsoft Defender for Office 365 goes beyond email protection and extends its security features to other collaboration tools like SharePoint, OneDrive, and Teams. It scans files and documents stored in these platforms, ensuring that they are free from malware and other malicious content. It also provides visibility into user activities, helping organizations detect and mitigate insider threats.

    Furthermore, this solution offers rich reporting and analytics capabilities, providing organizations with insights into their security posture and threat landscape. It enables security administrators to monitor and manage security incidents, track trends, and take proactive measures to enhance their overall security posture.

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Manufacturing Company16%
    Computer Software Company16%
    Comms Service Provider13%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm9%
    Manufacturing Company7%
    Government7%
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company24%
    Comms Service Provider24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government10%
    Insurance Company6%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise16%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise19%
    Large Enterprise51%
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise67%
    Buyer's Guide
    Microsoft Defender for Office 365 vs. NetWitness Platform
    September 2022
    Free Report: Microsoft Defender for Office 365 vs. NetWitness Platform
    Find out what your peers are saying about Microsoft Defender for Office 365 vs. NetWitness Platform and other solutions. Updated: September 2022.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Microsoft Defender for Office 365 is ranked 1st in Email Security with 41 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Microsoft Defender for Office 365 is rated 8.4, while NetWitness Platform is rated 7.4. The top reviewer of Microsoft Defender for Office 365 writes "Allows for easy reporting of problems, valuable anti-phishing, and anti-malware support". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Microsoft Defender for Office 365 is most compared with Proofpoint Email Protection, Mimecast Email Security, Microsoft Exchange Online Protection (EOP), Barracuda Email Security Gateway and Cisco Secure Email, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics. See our Microsoft Defender for Office 365 vs. NetWitness Platform report.

    We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.