We performed a comparison between NetWitness XDR and Secureworks Red Cloak Threat Detection and Response [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR)."It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"It has great stability."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The most valuable feature is the network security."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"Technical support is knowledgeable."
"The interface of this solution is very flexible and easy to use."
"It is stable. We have been using it for some time, without any issues."
"The log correlation is good."
"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
More Secureworks Red Cloak Threat Detection and Response [EOL] Pros →
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"The data recovery and backup could be improved."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The contamination feature could be improved."
"Threat detection could be better."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"RSA NetWitness Network could improve on integration with non-native application integration."
"There are some automated network response portions that we want to turn up."
More Secureworks Red Cloak Threat Detection and Response [EOL] Cons →
Earn 20 points
NetWitness XDR is ranked 16th in Extended Detection and Response (XDR) with 15 reviews while Secureworks Red Cloak Threat Detection and Response [EOL] doesn't meet the minimum requirements to be ranked in Extended Detection and Response (XDR). NetWitness XDR is rated 8.0, while Secureworks Red Cloak Threat Detection and Response [EOL] is rated 8.0. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Secureworks Red Cloak Threat Detection and Response [EOL] writes "Simple deployment with good reports and dashboard". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete, whereas Secureworks Red Cloak Threat Detection and Response [EOL] is most compared with VMware Carbon Black Endpoint, Cisco SecureX, Splunk SOAR and VMware Carbon Black Cloud.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.