If you were talking to someone whose organization is considering RSA NetWitness Endpoint, what would you say?
How would you rate it and why? Any other tips or advice?
We use the on-premises deployment model. The contamination should be improved. If a new user needs better contamination capabilities, they should use something else. I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.
My advice would be to go for it! It's a good solution and you will always have visibility over suspicious compromisers. It's an interesting solution that is very easy to deploy and you won't know there is this endpoint solution in your environment until someone tells you so. I rate this solution a ten out of ten.
I would highly recommend the solution. Just go ahead and get it. It is the best you can get. We chose a solution of RSA endpoint protection because of the value proposition they offered. It became clear that they have the right solution for a serious enterprise and the security operation center (SOC), and they offered the right value. It meets our major requirements and gives you peace of mind.