BlackBerry Cylance Cybersecurity vs NetWitness NDR comparison

BlackBerry and NetWitness are both solutions in the Endpoint Protection Platform (EPP) category. BlackBerry is ranked #20 with an average rating of 8.4, while NetWitness is ranked #59. BlackBerry holds a 1.1% mindshare in EPP, compared to NetWitness’s 0.3% mindshare. Additionally, 85% of BlackBerry users are willing to recommend the solution, compared to 87% of NetWitness users who would recommend it.

BlackBerry Cylance Cybersec...

Read 44 BlackBerry Cylance Cybersecurity reviews

3,116 Views
1,724 Comparison Views

85% willing to recommend

NetWitness NDR

Read 15 NetWitness NDR reviews

565 Views
312 Comparison Views

87% willing to recommend

BlackBerry Cylance Cybersec...

NetWitness NDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Apr 20, 2025

BlackBerry Cylance Cybersecurity and NetWitness NDR are leading solutions in the cybersecurity category. While both have unique strengths, NetWitness holds the upper hand in comprehensive threat visibility and threat analysis capabilities.

Features: BlackBerry Cylance offers AI-driven endpoint protection optimized for minimal resource usage, centralized management features, and script blocking to stop malicious applications. NetWitness provides extensive network visibility, seamless integration across systems, and effective threat detection with signatureless malware capabilities.

Room for Improvement: BlackBerry Cylance could benefit from reducing false positives, enhancing its management console interface, and including additional integrated features like firewalls. Improvements in reporting capabilities and wider OS support are also needed. For NetWitness, better usability, expanded scalability, and more robust integration with third-party platforms are key areas for development, along with enhancing threat intelligence and simplifying deployment.

Ease of Deployment and Customer Service: BlackBerry Cylance offers flexible deployment options across public, private, and hybrid clouds, though user experiences with support are mixed. NetWitness, primarily an on-premises solution, is praised for its excellent technical support but may not suit less complex environments. While Cylance excels in deployment versatility, NetWitness is recognized for its consistent and responsive customer service.

Pricing and ROI: BlackBerry Cylance operates on a competitive subscription model providing good ROI through smooth endpoint protection, although some users consider it expensive. NetWitness's pricing is variable and can be high, especially in certain regions like India. Despite this, its ROI is favorable due to efficiency in labor hours and proactive threat management capabilities. Cylance is noted for affordability, whereas NetWitness's costs are balanced by flexible service options.

To learn more, read our detailed BlackBerry Cylance Cybersecurity vs. NetWitness NDR Report (Updated: June 2025).

Buyer's Guide

BlackBerry Cylance Cybersecurity vs. NetWitness NDR

June 2025

Download the complete report

Helped 859,438 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

BlackBerry Cylance Cybersec...

Ranking in Endpoint Protection Platform (EPP)

20th

Average Rating

8.0

Reviews Sentiment

4.6

Number of Reviews

Ranking in other categories

No ranking in other categories

NetWitness NDR

Ranking in Endpoint Protection Platform (EPP)

59th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Threat Intelligence Platforms (39th), Endpoint Detection and Response (EDR) (60th), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (21st), Extended Detection and Response (XDR) (38th)

Mindshare comparison

As of June 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.5% compared to the previous year. The mindshare of NetWitness NDR is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Sooraj Makkancherrry

Security Operations Manager at Philips

Doesn't have daily updates, which is important for healthcare IT

I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.

Read full review

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Beneficial single unified dashboard, good native application integration, and high availability

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect."

"The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations."

"Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue."

"The solution is easy to deploy."

"What I like best about CylancePROTECT is its accuracy, as it doesn't give many false positives."

"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."

"The initial setup of CylancePROTECT is very easy."

"The most valuable feature of CylancePROTECT is the support."

More BlackBerry Cylance Cybersecurity pros

"The log correlation is good."

"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

"The stability of the RSA NetWitness Endpoint is very good."

"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."

"Ability to isolate the machine when there are malicious files."

More NetWitness NDR pros

Cons

"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."

"The solution’s technical support could be improved."

"It should provide more details about the events that they have detected."

"The product must make the interface a little more user-friendly."

"I would say one thing that they might need to bring in is protection for mobile devices."

"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."

"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."

"Reporting is an area with shortcomings in CylancePROTECT that needs to be improved."

More BlackBerry Cylance Cybersecurity cons

"I would like to see Security Orchestration and Response Automation (SOAR) integration."

"RSA NetWitness Network could improve on integration with non-native application integration."

"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

"The threat intelligence could improve in RSA NetWitness Endpoint."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."

"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."

"The solution lacks a reporting engine."

More NetWitness NDR cons

Pricing and Cost Advice

"The solution's pricing is around the same as most EDRs but slightly behind some of the major ones."

"The product cost is about $5, per user, per month."

"We pay our license on a yearly basis and have just renewed for two years."

"This cost of the license is approximately $5 USD monthly per user."

"It's not so heavily priced; rather, it's average and decent."

"Do not get hung up on price. You pay for what you get and expensive will hurt one time, where cheap will hurt forever, especially if you fall victim to a ransom attack, etc."

"CylancePROTECT is an affordable solution."

"The initial end-point cost may seem a little high (~$55/device/year) but when you look at the total peace of mind that the solution provides, with no reboots for updates, and negligible performance impact, it is well worth it."

More BlackBerry Cylance Cybersecurity pricing and cost advice

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"It is highly scalable. It can be bought based on your requirements."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"It is an expensive product."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"We are on a three-year contract to use RSA NetWitness Network."

"I do not have any opinion on the pricing or licensing of the product."

More NetWitness NDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

859,438 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Manufacturing Company

12%

Government

Financial Services Firm

Computer Software Company

17%

Financial Services Firm

16%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Blackberry Protect?

It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.

See all answers

What is your experience regarding pricing and costs for Blackberry Protect?

The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.

See all answers

What needs improvement with Blackberry Protect?

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Defender for Endpoint vs BlackBerry Cylance Cybersecurity

Compared 19% of the time

CrowdStrike Falcon vs BlackBerry Cylance Cybersecurity

Compared 13% of the time

Cisco Secure Endpoint vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

SentinelOne Singularity Complete vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

Symantec Endpoint Security vs BlackBerry Cylance Cybersecurity

Compared 5% of the time

More BlackBerry Cylance Cybersecurity Competitors

Darktrace vs NetWitness NDR

Compared 13% of the time

Fidelis Elevate vs NetWitness NDR

Compared 11% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 8% of the time

Vectra AI vs NetWitness NDR

Compared 8% of the time

ExtraHop Reveal(x) vs NetWitness NDR

Compared 7% of the time

More NetWitness NDR Competitors

Product Reports

Buyer's Guide

BlackBerry Cylance Cybersecurity

June 2025

Download BlackBerry Cylance Cybersecurity product report

Buyer's Guide

NetWitness NDR

June 2025

Download NetWitness NDR product report

Also Known As

Blackberry Protect

RSA ECAT, NetWitness Network

Overview

BlackBerry Cylance provides endpoint security, threat protection, and antivirus capabilities, using AI and machine learning for protection against malware and ransomware on desktops, servers, and virtual machines worldwide. Its AI-driven threat detection operates even with limited internet, facilitating effective threat management.

BlackBerry Cylance's centralized dashboard simplifies threat management and vulnerability protection for organizations globally. The platform combines AI and machine learning to deliver superior zero-day threat protection and minimize CPU usage, offering stable and accurate threat detection without frequent updates. It includes tools like CylanceOPTICS and CylancePERSONA for enhanced user behavior monitoring and adopts a proactive approach that effectively manages threats at various lifecycle stages. Renowned for stability and performance, it efficiently prevents unauthorized applications while maintaining system productivity.

What are the main features of BlackBerry Cylance?

Minimal CPU Usage: Efficiently operates without taxing computer resources.
AI and Machine Learning: Advanced technology for zero-day threat protection.
Lightweight Design: Functions without constant updates for simplified usage.
Centralized Management: Offers a user-friendly, intuitive dashboard.
CylanceOPTICS and PERSONA: Tools for in-depth user behavior analysis.

What are key benefits to look for in user reviews?

Effective Malware Detection: Recognized accuracy in identifying security threats.
Proactive Threat Mitigation: Actively detects and manages threats.
Stability and Performance: Consistent protection without hampering system performance.
Reduced Unauthorized Access: Limits unpermitted application activity.

In the professional sector, BlackBerry Cylance is leveraged to protect crucial infrastructure through a robust approach accommodating environments with limited connectivity. Its widespread deployment in industries, including healthcare and finance, is attributed to its ease of deployment and comprehensive protection capabilities. However, enhancements in reporting, pricing structures, and technical support are avenues for development, reflecting user feedback for improving detection rates and overall dashboard usability.

BlackBerry

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit

ADP, Ameritas, Partners Healthcare

Buyer's Guide

BlackBerry Cylance Cybersecurity vs. NetWitness NDR

June 2025

Free Report: BlackBerry Cylance Cybersecurity vs. NetWitness NDR

Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. NetWitness NDR and other solutions. Updated: June 2025.

DOWNLOAD NOW

859,438 professionals have used our research since 2012.

See our BlackBerry Cylance Cybersecurity vs. NetWitness NDR report.

See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.