RSA NetWitness Endpoint Reviews

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Dr Trust Tshepo Mapoka
Reseller
Senior Cybersecurity Consultant at CIA Botswana
Jun 16 2020

What is most valuable?

The incident response is very good. When you are searching for malware, you can easily decrease the endpoints to narrow the search and find it. Examples of endpoints can be servers or laptops, each with different operating systems. This… more»

What needs improvement?

I would like to see Security Orchestration and Response Automation (SOAR) integration. This way, if there is an endpoint that has been compromised, you don't have to go about repairing or blacklisting it manually. Ideally, the system can… more»

What's my experience with pricing, setup cost, and licensing?

This is not an expensive product. The cost depends on the number of endpoints that you want to monitor, but it is not expensive.

What other advice do I have?

This is a product that I recommend. My advice for anybody who is implementing it is to make sure that they have somebody who understands it very well. Having somebody who will configure it properly is the right way to have it generate the… more»

Which other solutions did I evaluate?

There are several SIEM technologies that are available but one advantage of using RSA NetWitness is that you don't have to outsource the EDR component. It comes as part of the platform. This is in contrast to solutions like IBM QRadar… more»
Real User
Senior Cyber Security Analyst (SAFe Agile) at a transportation company with 1,001-5,000 employees
Jan 17 2020

What is most valuable?

The detection rate and tracking features including historical tracking, tracking of the fires on the desk, and tracking of the file last monitored are all quite valuable for us.

What needs improvement?

The contamination feature could be improved.

Which solution did I use previously and why did I switch?

We didn't previously use another solution.

What other advice do I have?

We use the on-premises deployment model. The contamination should be improved. If a new user needs better contamination capabilities, they should use something else. I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.
Find out what your peers are saying about RSA, Carbon Black, CrowdStrike and others in Endpoint Protection (EPP) for Business. Updated: July 2020.
430,376 professionals have used our research since 2012.
Consultant
Security Consultant at a tech services company with 10,001+ employees
Jan 16 2019

What do you think of RSA NetWitness Endpoint?

What is our primary use case?

We are using it as a SIEM tool. 

What is most valuable?

One of the most valuable features is the Orchestrator.

What needs improvement?

This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is stable. We have been using it for some time, without any issues.

What do I think about the scalability of the solution?

I think it would scale nicely but we have not needed to expand our organizational needs yet.

How was the initial setup?

The initial setup was not complex.

What's my experience with pricing, setup cost, and licensing?

I do not have any…

Articles

User Assessments By Topic About RSA NetWitness Endpoint

Find out what your peers are saying about RSA, Carbon Black, CrowdStrike and others in Endpoint Protection (EPP) for Business. Updated: July 2020.
430,376 professionals have used our research since 2012.

RSA NetWitness Endpoint Questions

What is RSA NetWitness Endpoint?

RSA NetWitness Endpoint is an endpoint detection and response solution that employs a combination of live memory analysis, continuous behavioral monitoring, and advanced machine learning to detect known, new, unknown, and non-malware threats that other solutions miss entirely. RSA NetWitness Endpoint helps focus investigations amid thousands of alerts and offers 3X the impact for security teams by considerably reducing attacker dwelltime and accelerating threat response.
Also known as
RSA ECAT
RSA NetWitness Endpoint customers
ADP, Ameritas, Partners Healthcare
Read Archived Reviews