BlackBerry Cylance Cybersecurity vs NetWitness NDR comparison

BlackBerry and NetWitness are both solutions in the Endpoint Protection Platform (EPP) category. BlackBerry is ranked #26 with an average rating of 8.3, while NetWitness is ranked #55. BlackBerry holds a 1.2% mindshare in EPP, compared to NetWitness’s 0.5% mindshare. Additionally, 85% of BlackBerry users are willing to recommend the solution, compared to 87% of NetWitness users who would recommend it.

BlackBerry Cylance Cybersec...

Read 44 BlackBerry Cylance Cybersecurity reviews

2,960 Views
2,664 Comparison Views

85% willing to recommend

NetWitness NDR

Read 15 NetWitness NDR reviews

2,568 Views
745 Comparison Views

87% willing to recommend

BlackBerry Cylance Cybersec...

NetWitness NDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 2, 2025

BlackBerry Cylance Cybersecurity and NetWitness NDR compete in the cybersecurity category, offering endpoint protection and network detection capabilities. BlackBerry Cylance has an edge due to its AI and machine learning focus, while NetWitness NDR is praised for its integration and incident response.

Features:BlackBerry Cylance excels with AI and machine learning-based malware protection, lightweight performance, and proactive threat detection. NetWitness NDR offers wide network visibility, seamless device integration, and signatureless malware detection.

Room for Improvement:BlackBerry Cylance receives feedback on false positives, complex configurations, and requests for more detailed post-incident data. NetWitness NDR needs better reporting, improved scalability, and easier setup processes.

Ease of Deployment and Customer Service:BlackBerry Cylance supports public, private, and hybrid environments, offering deployment versatility but with mixed customer support feedback. NetWitness NDR's on-premises solution is noted for effective and responsive customer and technical support.

Pricing and ROI:BlackBerry Cylance presents competitive pricing but is considered high-end by some, yet it is acknowledged for reducing labor costs. NetWitness NDR is seen as expensive, offering discounts for bulk purchases, and both provide good ROI with robust security and reduced response times.

To learn more, read our detailed BlackBerry Cylance Cybersecurity vs. NetWitness NDR Report (Updated: December 2025).

Buyer's Guide

BlackBerry Cylance Cybersecurity vs. NetWitness NDR

December 2025

Download the complete report

Helped 879,422 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

BlackBerry Cylance Cybersec...

Ranking in Endpoint Protection Platform (EPP)

26th

Average Rating

8.0

Reviews Sentiment

4.6

Number of Reviews

Ranking in other categories

No ranking in other categories

NetWitness NDR

Ranking in Endpoint Protection Platform (EPP)

55th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Threat Intelligence Platforms (TIP) (40th), Endpoint Detection and Response (EDR) (57th), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (19th), Extended Detection and Response (XDR) (37th)

Mindshare comparison

As of January 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.2%, down from 1.3% compared to the previous year. The mindshare of NetWitness NDR is 0.5%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Market Share Distribution
Product	Market Share (%)
BlackBerry Cylance Cybersecurity	1.2%
NetWitness NDR	0.5%
Other	98.3%

Endpoint Protection Platform (EPP)

Featured Reviews

Sooraj Makkancherrry

Security Operations Manager at Philips

Doesn't have daily updates, which is important for healthcare IT

I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.

Read full review

reviewer1799727

Manager, IT Security Operations at a non-profit with 11-50 employees

Reliable and good support but can be expensive

I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not only rely on the intelligence of the engineer in charge but to have some threat intelligence and some seeds of IOCs and to have the host have some artificial intelligence to reduce the number of false positives. I don't see this solution being very scalable. The solution is pricey.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the best features of the solution is that it's easy to deploy."

"The Application Guard and ByteGuard are useful features."

"A user can continue to add endpoints and the solution will continue to perform well."

"I like the AI and mathematical components that they use."

"The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."

"In most cases, the solution's ability to detect in the MITRE framework, and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful."

"I've found the AI engine in CylancePROTECT to be particularly effective for technology and in preventing unknown threats."

"The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."

More BlackBerry Cylance Cybersecurity pros

"Technical support is knowledgeable."

"The stability of the RSA NetWitness Endpoint is very good."

"The interface of this solution is very flexible and easy to use."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."

"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

"It is stable. We have been using it for some time, without any issues."

More NetWitness NDR pros

Cons

"The solution needs better dashboards that are easier to use."

"The high price of the product is an area of concern where improvements are required. The product's price should be more competitive."

"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."

"The OPTICS component could be made more user-friendly with respect to giving people more information."

"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."

"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."

"The product must make the interface a little more user-friendly."

"CylancePROTECT could be improved in its technical support and communication."

More BlackBerry Cylance Cybersecurity cons

"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."

"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

"I would like to see Security Orchestration and Response Automation (SOAR) integration."

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."

"The initial setup requires a high level of skill."

"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."

"The threat intelligence could improve in RSA NetWitness Endpoint."

"The contamination feature could be improved."

More NetWitness NDR cons

Pricing and Cost Advice

"I think that the price we are paying is good for what it is."

"Currently, we have competitive pricing for Cylance, which is affordable enough to consider."

"CylancePROTECT is worth the money, but I'm not sure of its exact price. I can't remember off the top of my head."

"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."

"Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees."

"CylancePROTECT is an affordable solution."

"Shop around for sure and be assured the price you pay will be close to other solutions available, but even at a slight mark-up from the other solutions, you are getting real endpoint protection versus nothing more than a cheap security blanket that might keep you warm at night."

More BlackBerry Cylance Cybersecurity pricing and cost advice

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"It is highly scalable. It can be bought based on your requirements."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"We are on a three-year contract to use RSA NetWitness Network."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

More NetWitness NDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

879,422 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

10%

Computer Software Company

10%

Government

Comms Service Provider

Financial Services Firm

10%

Computer Software Company

10%

Manufacturing Company

Performing Arts

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	33
Midsize Enterprise	5
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	2
Large Enterprise	5

Questions from the Community

What do you like most about Blackberry Protect?

It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.

See all answers

What is your experience regarding pricing and costs for Blackberry Protect?

The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.

See all answers

What needs improvement with Blackberry Protect?

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs BlackBerry Cylance Cybersecurity

Compared 9% of the time

Microsoft Defender for Endpoint vs BlackBerry Cylance Cybersecurity

Compared 8% of the time

SentinelOne Singularity Complete vs BlackBerry Cylance Cybersecurity

Compared 7% of the time

VMware Carbon Black Endpoint vs BlackBerry Cylance Cybersecurity

Compared 7% of the time

Cisco Secure Endpoint vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

More BlackBerry Cylance Cybersecurity Competitors

Darktrace vs NetWitness NDR

Compared 10% of the time

ExtraHop Reveal(x) vs NetWitness NDR

Compared 6% of the time

Wazuh vs NetWitness NDR

Compared 5% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 5% of the time

Trellix Endpoint Security Platform vs NetWitness NDR

Compared 5% of the time

More NetWitness NDR Competitors

Product Reports

Buyer's Guide

BlackBerry Cylance Cybersecurity

December 2025

Download BlackBerry Cylance Cybersecurity product report

Buyer's Guide

NetWitness NDR

December 2025

Download NetWitness NDR product report

Also Known As

Blackberry Protect

RSA ECAT, NetWitness Network

Overview

BlackBerry Cylance Cybersecurity leverages AI and machine learning for efficient malware detection and zero-day threat protection, offering robust endpoint security with high detection accuracy and low false positive rates.

BlackBerry Cylance Cybersecurity delivers advanced threat protection with AI-driven algorithms and machine learning. Its lightweight design ensures low system resource usage, making it both efficient and effective. It's recognized for centralized management, easy deployment, and a clean interface, providing comprehensive endpoint protection against diverse threats. The integration of features like CylanceOPTICS and behavioral monitoring enhances security insights. While the system excels in malware detection, enhancements are needed in areas like user interface design, reporting, deeper threat analysis, and integration with third-party systems. Support and pricing improvements could also increase competitiveness.

What are the key features of BlackBerry Cylance Cybersecurity?

AI and Machine Learning: Utilizes cutting-edge technology for malware and threat detection.
Zero-Day Protection: Safeguards against emerging threats without the need for constant updates.
Centralized Management: Simplifies deployment and management across devices.
CylanceOPTICS: Provides advanced security insights and behavioral monitoring.
Low Resource Usage: Ensures efficient operation with minimal system impact.

What benefits should users expect from BlackBerry Cylance Cybersecurity?

High Detection Accuracy: Reduces risk with minimal false positives.
Efficient Resource Management: Enhances performance with its lightweight design.
Proactive Threat Defense: Protects against a wide range of threats with centralized management.
Advanced Insights: Offers unique features for detailed security analysis.

Organizations deploy BlackBerry Cylance Cybersecurity for threat analytics, log management, and endpoint protection. As an antivirus replacement, it protects against zero-day malware, ransomware, and various threats. Its AI algorithms detect anomalies, minimizing risks in both internet-connected and isolated environments. Many businesses incorporate it into wider security strategies, appreciating its centralized management and proactive defense capabilities.

BlackBerry

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit

ADP, Ameritas, Partners Healthcare

Buyer's Guide

BlackBerry Cylance Cybersecurity vs. NetWitness NDR

December 2025

Free Report: BlackBerry Cylance Cybersecurity vs. NetWitness NDR

Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. NetWitness NDR and other solutions. Updated: December 2025.

DOWNLOAD NOW

879,422 professionals have used our research since 2012.

See our BlackBerry Cylance Cybersecurity vs. NetWitness NDR report.

See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.