We had LogRhythm in a POC environment. I did not like it because I experienced a lot of issues with it, and so, I chose RSA NetWitness instead.

Integration is exceedingly minimal, since its project development is much easier than that of LogRythm or IBM. This means that the solution is significantly more flexible for the customer and requires less training.

I previously prepared comparisons between solutions such as IBM QRadar and RSA NetWitness. Having worked for several large vendors, including IBM, I have insights into various security platforms. IBM QRadar, while mature and feature-rich, was behind RSA NetWitness in certain aspects. RSA was among the first to collect data from multiple sources, including live network traffic, endpoints, and logs, offering a more comprehensive approach to threat detection. Both vendors eventually incorporated Extended Detection and Response (XDR) capabilities into their solutions, but RSA was an early adopter. Nowadays, it's challenging to pinpoint significant differences in functionalities among various vendors, as most deliver similar capabilities. Performance and cost considerations may vary depending on the specific use case and hardware infrastructure. Thus, a thorough evaluation is essential when choosing a security platform.

My company has a hybrid environment. I have looked at other products like Splunk and Sentinel. I am still looking around for other solutions in the market. In my company, we are having discussions to move to some other solution.

We have looked through the Cisco solution to expand more devices from Fidelis to cover more areas of our network. I also evaluated Symantec and I have seen FireEye but it's hard to even compare those products to RSA.

We did not evaluate other options.

I did not evaluate other solutions.

We have looked at similar systems and find that the architecture is somewhat different, yet the functionality is similar.

Our partnership with RSA was already in place. No room for evaluation.

Top SIEM tools such as HP Arcsight, McAfee ESM, and IBM QRadar.

We had Blue Coat Security Analytics, but we’re an RSA partner so it was natural to use the technology available to us.

We also looked at IBM QRadar.

The only other solution similar to this is Solera and I do not think our organization will be switching to that.