RSA NetWitness Endpoint Room for Improvement

Dr Trust Tshepo Mapoka
Senior Cybersecurity Consultant at CIA Botswana
I would like to see Security Orchestration and Response Automation (SOAR) integration. This way, if there is an endpoint that has been compromised, you don't have to go about repairing or blacklisting it manually. Ideally, the system can have its own intelligence so that it can perform automated tasks without human intervention. One of the drawbacks of using this product is that when you deploy, you have to create MSI files. These files have to be created for different operating systems, which means that you have to be conscious of which ones exist in your environment. For example, if you have Linux, MacBooks, and Windows machines, then you have to have MSI files created for each of them. Ideally, a single MSI file would be created to support deployment on any of the supported operating systems. View full review »
reviewer1259418
Senior Cyber Security Analyst (SAFe Agile) at a transportation company with 1,001-5,000 employees
The contamination feature could be improved. View full review »
it_user629541
Security Consultant at a tech services company with 10,001+ employees
This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available. View full review »
Find out what your peers are saying about RSA, Carbon Black, CrowdStrike and others in Endpoint Protection (EPP) for Business. Updated: July 2020.
431,024 professionals have used our research since 2012.