Galvanize IncidentBond vs NetWitness XDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Galvanize IncidentBond and NetWitness XDR based on real PeerSpot user reviews.

Find out what your peers are saying about VMware, IBM, ServiceNow and others in Security Incident Response.
To learn more, read our detailed Security Incident Response Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The customization and the transparency of data while still maintaining a mostly user-friendly UI, are key features. It allows for me, as an engineer, to evolve the individual components and modules, and to create a much more meaningful picture than the individual pieces in isolation ever could."

More Galvanize IncidentBond Pros →

"The interface of this solution is very flexible and easy to use.""It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users.""It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""The stability of the RSA NetWitness Endpoint is very good.""Technical support is knowledgeable.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""This solution allows us to locate the malware in real-time."

More NetWitness XDR Pros →

Cons
"Stable – Release – Experimental" system with their releases, and all the proper checks and balances, I’d be an incredibly happy individual. I can appreciate the cause and affect, wherein the customization of the tool drives rapid release schedules, and the paradox that creates with the idea of stable releases. I’d also like more transparency about known bugs and issues."

More Galvanize IncidentBond Cons →

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features.""Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution.""NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious.""We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues.""When analyzing something, you have to click several times. It requires a lot of effort to find something.""The contamination feature could be improved."

More NetWitness XDR Cons →

Pricing and Cost Advice
Information Not Available
  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • More NetWitness XDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Incident Response solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    Top Answer:Technical support is knowledgeable.
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the competition. I cannot speak to the exact pricing of the product.
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not… more »
    Ranking
    Views
    51
    Comparisons
    35
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    Views
    508
    Comparisons
    354
    Reviews
    7
    Average Words per Review
    322
    Rating
    7.9
    Comparisons
    Also Known As
    IncidentBond, Rsam SIRP, Rsam Incident Management, Rsam Security Incident Response Platform
    RSA ECAT, NetWitness Network
    Learn More
    Galvanize
    Video Not Available
    NetWitness
    Video Not Available
    Overview

    Rsam’s Security Incident Response Platform (SIRP) simplifies and speeds monitoring and resolution. Our dynamic workflow can replicate any existing incident management process and allows you to make changes as your processes evolve - all from a single interface. Track the lifecycle of a security incident and coordinate actions quickly and with ease. 

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Information Not Available
    ADP, Ameritas, Partners Healthcare
    Top Industries
    No Data Available
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    Company Size
    No Data Available
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise68%
    Buyer's Guide
    Security Incident Response
    March 2024
    Find out what your peers are saying about VMware, IBM, ServiceNow and others in Security Incident Response. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Galvanize IncidentBond is ranked 11th in Security Incident Response while NetWitness XDR is ranked 16th in Extended Detection and Response (XDR) with 15 reviews. Galvanize IncidentBond is rated 9.0, while NetWitness XDR is rated 8.0. The top reviewer of Galvanize IncidentBond writes "Customization and transparency of data, while maintaining a mostly user-friendly UI". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Galvanize IncidentBond is most compared with , whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete.

    We monitor all Security Incident Response reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.