RSA NetWitness Endpoint Room for Improvement

Dr Trust Tshepo Mapoka
Senior Cybersecurity Consultant at CIA Botswana

I would like to see Security Orchestration and Response Automation (SOAR) integration. This way, if there is an endpoint that has been compromised, you don't have to go about repairing or blacklisting it manually. Ideally, the system can have its own intelligence so that it can perform automated tasks without human intervention.

One of the drawbacks of using this product is that when you deploy, you have to create MSI files. These files have to be created for different operating systems, which means that you have to be conscious of which ones exist in your environment. For example, if you have Linux, MacBooks, and Windows machines, then you have to have MSI files created for each of them. Ideally, a single MSI file would be created to support deployment on any of the supported operating systems.

View full review »
Senior Cyber Security Analyst (SAFe Agile) at a transportation company with 1,001-5,000 employees

The contamination feature could be improved.

View full review »
Find out what your peers are saying about RSA, Carbon Black, CrowdStrike and others in Endpoint Protection (EPP) for Business. Updated: May 2021.
509,641 professionals have used our research since 2012.