Check Point Infinity vs NetWitness Platform comparison

The compared Check Point Software Technologies and NetWitness solutions aren't in the same category. Check Point Software Technologies is ranked #8 in AICP , with an average rating of 8.8, and holds a 2.5% mindshare in the category. NetWitness is ranked #35 in Log Management , with an average rating of 8.3, and holds a 0.7% mindshare. Additionally, 100% of Check Point Software Technologies users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Check Point Infinity and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two AI-Powered Cybersecurity Platforms solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Check Point Infinity vs. NetWitness Platform Report (Updated: September 2022).

Buyer's Guide

Check Point Infinity vs. NetWitness Platform

September 2022

Download the complete report

Helped 882,813 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

AI-Powered Cybersecurity Platforms Market Share Distribution
Product	Market Share (%)
Check Point Infinity	2.5%
CrowdStrike Falcon	17.4%
Darktrace	14.4%
Other	65.7%

AI-Powered Cybersecurity Platforms

Log Management Market Share Distribution
Product	Market Share (%)
NetWitness Platform	0.7%
Wazuh	8.3%
Splunk Enterprise Security	6.9%
Other	84.1%

Log Management

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

Chetan Bhati

Network Security Engineer at Arrow PC Network Pvt Ltd

Improves daily threat prevention with real-time detection and requires better alert tuning for faster prioritization

Check Point Infinity is powerful, but there are a few areas that could improve. The learning curve for new users can be steep, especially when managing multiple modules like CloudGuard, Quantum, and Harmony together. Some alerts can be overwhelming, making it harder to prioritize without fine-tuning. While automation helps, occasional manual adjustments are still needed. Overall, it is strong, but simplifying onboarding and alert management would make it even better. Integration with third-party tools could be smoother. The reporting dashboard could be more customizable for quick insights. Performance on very large networks can sometimes slow during updates. Overall, while the platform is strong, improving user experience, alert management, and integration would make it even more efficient for daily operations.

Read full review

MOTASHIM Al Razi

CISO at One Bank Limited

It is a stable solution, but they should make the user interface easier to understand

The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The initial setup is easy."

"The stability of this product is very good."

"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."

"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."

"The interface is easy to use and it is more up to date than our previous solution."

"The product's initial setup phase is very easy."

"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."

"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."

More Cortex XDR by Palo Alto Networks pros

"Since adopting Check Point Infinity, I have seen a noticeable improvement in how we manage and respond to security threats across our infrastructure."

"The Infinity portal combines all Check Point solutions in one place, including the endpoint, SASE, and the SMP."

"The most valuable features of the solution stem from factors like ease of use, visibility, and cost to the enterprise."

"Check Point Infinity offers a multi-layered security approach that enhances our IT security environment."

"The tool's most valuable feature for threat prevention is the encryption alarm. I find the centralized management console, including the log analyzer and reports in Check Point Infinity, extremely beneficial for enhancing security and operations efficiency in our enterprise. I would rate it a perfect ten out of ten, as it effectively helps us analyze logs, and detect potential attacks."

"Since adopting Check Point Infinity, I have seen a noticeable improvement in how we manage and respond to security threats across our infrastructure."

"I recommend Check Point Infinity to other customers due to its notable benefits and positive experiences with a major financial institution."

"Infinity is a technical console where we have to log in, and we can navigate to all the products very easily because it is written in a normal installation. People who know about the product can click and take care of their activity."

More Check Point Infinity pros

"The product has a user-friendly interface and a valuable feature for threat intelligence integration."

"Offers a good wireless feature."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"It's quite economical compared to other solutions in the market."

"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."

"Their technical support responds quickly and are knowledgable."

"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."

"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."

More NetWitness Platform pros

Cons

"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."

"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."

"If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."

"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."

"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."

"While using Cortex, I noticed some aspects that could be improved, such as increasing the synchronization speed between XDR and Xnor."

"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."

"There's room for improvement with Mac device installations, which can be challenging."

More Cortex XDR by Palo Alto Networks cons

"One area where Check Point Infinity could improve is in the reporting and analytics customization."

"Sometimes when Check Point Infinity cloud is stuck and the policy takes a long time to push, this is not a good feature."

"Some aspects of the reporting in Check Point may take time to learn and become comfortable with."

"The management console has given us some trouble, and the documentation is a little bit rigid in its solution paths."

"The portal is provisioned in AWS. They should improve the cloud to make it faster."

"The improvements needed for Check Point Infinity include that the documentation is not intuitive, and we needed more pictures or steps to make it more intuitive for all people when deploying it for the first time."

"In the future, I would like to see new developments that allow us to centralize the cloud."

"One point that led to the nine rating was an incident about two months ago where our inbound and outbound mail were going to quarantine and we could not do anything."

More Check Point Infinity cons

"An area for improvement would be better automation and more inbuilt use cases."

"Security needs improvement."

"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."

"The initial setup is complex. There are other solutions that are easier to implement."

"The multi-tenant capabilities are lagging compared to IBM QRadar."

"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."

"The tool's integration capability isn't so great."

"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."

More NetWitness Platform cons

Pricing and Cost Advice

"Cortex XDR is a costly solution."

"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."

"I feel it is fairly priced."

"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"The pricing is a little bit on the expensive side."

"Cortex XDR’s pricing is very reasonable."

"The price was fine."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall."

"The solution's price is quite high, and the licensing model requires extra licenses for various features like SD-WAN."

"I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive."

"When it comes to price, the paramount consideration is the strength of the security. If the security measures provided by the product, such as Check Point Infinity, are robust and meet our requirements, price becomes a secondary concern."

"Check Point should provide an enterprise-wide license where the organization should be provided free hand of using any license or services for an agreed period of time (EULA)."

"The product has good pricing considering the features and a global approach."

"The flexibility in pricing is advantageous, and being a special partner allows for negotiating special rates based on the project requirements."

"The pricing of Check Point Infinity could be better. There is a license needed to use the solution and we pay annually."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"Our license is for one year."

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."

"This is a pricey solution; it's not cheap."

"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."

"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."

"The licenses are good but the cost is very expensive."

More NetWitness Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which AI-Powered Cybersecurity Platforms solutions are best for your needs.

See recommendations

882,813 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

10%

Financial Services Firm

10%

Manufacturing Company

Comms Service Provider

Security Firm

20%

Educational Organization

10%

Manufacturing Company

10%

Computer Software Company

Financial Services Firm

13%

Performing Arts

Computer Software Company

Marketing Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	42
Midsize Enterprise	21
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	40
Midsize Enterprise	9
Large Enterprise	10

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	7
Large Enterprise	20

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

What do you like most about Check Point Infinity?

Check Point Infinity's threat prevention capabilities benefitted our organization.

See all answers

What needs improvement with Check Point Infinity?

Check Point Infinity could be improved with more intuitive documentation.

See all answers

What is your primary use case for Check Point Infinity?

Check Point Infinity is used primarily for consolidating security across networks, including cloud and on-premise, an...

See all answers

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to...

See all answers

What needs improvement with NetWitness Platform?

There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem )...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

CyberArk Privileged Access Manager vs Check Point Infinity

Compared 12% of the time

Palo Alto Networks WildFire vs Check Point Infinity

Compared 7% of the time

Securonix Next-Gen SIEM vs Check Point Infinity

Compared 7% of the time

Selector AIOps vs Check Point Infinity

Compared 5% of the time

Trellix Advanced Threat Defense vs Check Point Infinity

Compared 5% of the time

More Check Point Infinity Competitors

IBM Security QRadar vs NetWitness Platform

Compared 10% of the time

Splunk Enterprise Security vs NetWitness Platform

Compared 7% of the time

Elastic Security vs NetWitness Platform

Compared 5% of the time

USM Anywhere vs NetWitness Platform

Compared 4% of the time

RSA enVision vs NetWitness Platform

Compared 4% of the time

More NetWitness Platform Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

February 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Check Point Infinity

February 2026

Download Check Point Infinity product report

Buyer's Guide

NetWitness Platform

February 2026

Download NetWitness Platform product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

R80, Infinity

RSA Security Analytics

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyber attacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security. Learn more about Check Point Infinity

Check Point Software Technologies

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

Sample Customers

CBI Health Group, University Honda, VakifBank

Edel AG

Los Angeles World Airports, Reply

Buyer's Guide

Check Point Infinity vs. NetWitness Platform

September 2022

Free Report: Check Point Infinity vs. NetWitness Platform

Find out what your peers are saying about Check Point Infinity vs. NetWitness Platform and other solutions. Updated: September 2022.

DOWNLOAD NOW

882,813 professionals have used our research since 2012.

See our Check Point Infinity vs. NetWitness Platform report.

We monitor all AI-Powered Cybersecurity Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.