RSA NetWitness Endpoint Room for Improvement
I would like to see Security Orchestration and Response Automation (SOAR) integration. This way, if there is an endpoint that has been compromised, you don't have to go about repairing or blacklisting it manually. Ideally, the system can have its own intelligence so that it can perform automated tasks without human intervention.
One of the drawbacks of using this product is that when you deploy, you have to create MSI files. These files have to be created for different operating systems, which means that you have to be conscious of which ones exist in your environment. For example, if you have Linux, MacBooks, and Windows machines, then you have to have MSI files created for each of them. Ideally, a single MSI file would be created to support deployment on any of the supported operating systems.View full review »
Senior Cyber Security Analyst (SAFe Agile) at a transportation company with 1,001-5,000 employees
The contamination feature could be improved.View full review »