We performed a comparison between Bitdefender Sandbox Analyzer and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sandbox Analyzer is easy to use. It's simple to drill down into the data. In a lot of the competing products, an extremely informed end-user can do battle with the tools provided, but in today's market, end-users have less and less time to try and keep up. The CSAW alerts come out every day, and they're huge. Adobe did a master patch last Thursday and another one a few days later."
"It is easy to use, and there is a lot of automation. So, users don't need to worry about that."
"I like the fact that it works pretty well. It can be a little aggressive at times, but I'd rather have it be a little bit aggressive than not catch what it's supposed to catch. We've been running that platform for about five years, and we've not really had any viruses or malware get through. It's also easy to set up, and it's easy to manage."
"The solution is useful in the event of a gray file or grayware, as there are certain files users may download of which we know little about."
"The most valuable feature is the hunting ability to work in a CERT."
"It's quite economical compared to other solutions in the market."
"The solution is really scalable for the high-end power, enterprise customer."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Their technical support responds quickly and are knowledgable."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The product's initial setup phase was not at all difficult."
"The most valuable feature is the security that it provides."
"We propose the on-premises solution to most of our customers, for which we must provide a license, although no such request accompanies customers who want a cloud-based solution."
"It would be better if there were real-time alerts. The whole suite, unlike most anti-virus consoles that just ping you when there's an infection or something, for some inexplicable reason, Bitdefender doesn't do that. The most you could do is get an hourly email, or maybe if there's an outbreak that affects 30% of our machines, it sends me an email. There's no real-time alert to say, "Hey, so-and-so literally 30 seconds ago just had this happen on their machine." Real-time reporting would be a huge improvement. All in all, it's a pretty nice product, generally speaking. They do a pretty good job. They can pretty much go toe to toe with just about anybody. But it's that kind of real-time nature. I've not had occasion to use the EDR portion to actually try and do any kind of custom scripting to drill into things that are going on at the endpoints. But my understanding from reading comments of others is that it's not particularly flexible in that regard to be able to do things like that."
"We would like to see the time it takes for the sandbox to analyze a file reduced from its ten or fifteen minute duration to five."
"It should be more secure. There should be more protection, especially for non-signature-based malware. It works fine for non-signature-based malware, but I expect it to become a bit more advanced to be able to cope with future or upcoming environments."
"It does everything we need. We haven't been able to throw anything at it that it couldn't handle."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"Health monitoring of the event sources and devices."
"Security needs improvement."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The solution should have more integration capabilities with different platforms."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
Bitdefender Sandbox Analyzer is ranked 17th in Advanced Threat Protection (ATP) with 4 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Bitdefender Sandbox Analyzer is rated 9.0, while NetWitness Platform is rated 7.4. The top reviewer of Bitdefender Sandbox Analyzer writes "You can create time-sensitive policies, apply them, and push reconfiguration, so that engine is functioning, tuned, and safe". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Bitdefender Sandbox Analyzer is most compared with Microsoft Defender for Office 365 and Microsoft Defender for Identity, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics. See our Bitdefender Sandbox Analyzer vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
