We performed a comparison between NetWitness XDR and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Trend Micro XDR is commended for its holistic approach to threat prevention, real-time visualization, and ability to prioritize network-based detection and response. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users found the initial setup of NetWitness uncomplicated, but others faced challenges. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Trend Micro XDR over NetWitness XDR. Trend Micro XDR is commended for its comprehensive visibility, high detection rate, and user-friendliness. NetWitness XDR users report challenges with integration, setup, and performance. Trend Micro XDR is considered reasonably priced, while NetWitness XDR is viewed as expensive.
"Microsoft 365 Defender is simple to upgrade."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The stability of the RSA NetWitness Endpoint is very good."
"The interface of this solution is very flexible and easy to use."
"This solution allows us to locate the malware in real-time."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"It is stable. We have been using it for some time, without any issues."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"We've found the pricing to be reasonable."
"Scaling is not a problem at all."
"I appreciate the value of real-time activity monitoring."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"It helps us with investigations."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The mobile app support for Android and iOS is difficult and needs improvement."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The solution lacks a reporting engine."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"Threat detection could be better."
"The contamination feature could be improved."
"Results were delayed."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"It would be ideal if they could improve the control of connectivity between sensors."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"The price could be lower."
"They should increase their potential for third-party integrations."
"It is very expensive."
"They have a DLP module in Tredn Moicros and they need to enhance its capabilities."
NetWitness XDR is ranked 35th in Endpoint Detection and Response (EDR) with 15 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. NetWitness XDR is rated 8.0, while Trend Vision One is rated 8.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Trend Vision One is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One and Fortinet FortiEDR. See our NetWitness XDR vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
