We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"The pricing is very good. It's less expensive than many of the tools out there."
"The pricing is high."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
"It is an expensive product."
Earn 20 points
Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.
MistNet focuses on securing complex enterprise environments by developing disruptive technology using cloud-based distributed AI and mist computing technology to dramatically improve threat detection and significantly reduce false positives. MistNet is deployed at scale in customers worldwide.
RSA NetWitness® Network exposes network data to enhance a security
team’s capabilities to detect and respond to today’s advanced threats. RSA
NetWitness Network provides immediate deep visibility for rapid detection,
efficient investigation and forensics, in order to reduce dwell time. With
unparalleled speed for real-time behavior analytics, RSA patented technology
accelerates detection and investigation of threats as they traverse your
network. RSA NetWitness Network provides real-time visibility into all your
network traffic—on premises, in the cloud and across virtual environments.
RSA NetWitness Network enables threat hunting with streamlined workflows
and integrated, automated investigation tools that analysts use to hunt
and monitor the timing and movements of threat actors. Through a unique
combination of behavioral analytics, data science techniques and threat
intelligence, RSA NetWitness Network detects known and unknown attacks
that put organizations at risk.
MistNet is ranked 13th in Network Detection and Response (NDR) while RSA NetWitness Network is ranked 6th in Network Detection and Response (NDR) with 2 reviews. MistNet is rated 0.0, while RSA NetWitness Network is rated 9.0. On the other hand, the top reviewer of RSA NetWitness Network writes "A stable solution that captures traffic with detailed communication logs". MistNet is most compared with Darktrace and ExtraHop Reveal(X) Cloud, whereas RSA NetWitness Network is most compared with ExtraHop Reveal(x), Darktrace, Cisco Stealthwatch, ExtraHop Reveal(X) Cloud and ManageEngine NetFlow Analyzer.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.