We performed a comparison between Cisco Secure Network Analytics and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has been pretty stable since we deployed it, and everything seems to be working fine."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The most valuable feature is integration."
"It has improved our internal knowledge of what's going on with the network, and that's helpful."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"Great network monitoring, looking at anomaly detection and evaluation."
"The solution's analytics and thrust detection capabilities are good. We're still adjusting it. It's a little hypersensitive, but it is working right now."
"The most valuable feature is anomaly detection, where it finds things that are not allowed internally."
"It is stable. We have been using it for some time, without any issues."
"The stability of the RSA NetWitness Endpoint is very good."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"Ability to isolate the machine when there are malicious files."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"Technical support is knowledgeable."
"This solution allows us to locate the malware in real-time."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"There's a lot of traffic on our network that we don't see sometimes."
"At my company, we might not be using it enough with other applications that we have that can integrate with it."
"I would like to see it better organized when I'm looking at it."
"The initial setup was straightforward but required a lot of data entry, to begin with building out the server types and network types."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"I would like to see some improvement when it comes to reporting."
"Stealthwatch is still maturing in AI. It uses artificial intelligence for predictions, but AI still needs to mature. It is in a phase where you get 95% correct detection. As its AI engine learns more, it will become more accurate. This is applicable to all the devices that are using AI because they support both supervised and unsupervised machine learning. The accuracy in the case of supervised machine learning is dependent on the data you feed into the box. The accuracy in the case of unsupervised machine learning is dependent on the algorithm. The algorithm matures depending on retrospective learning, and this is how it is able to detect zero-day attacks."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The initial setup requires a high level of skill."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution lacks a reporting engine."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The contamination feature could be improved."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 57 reviews while NetWitness XDR is ranked 6th in Network Detection and Response (NDR) with 15 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete. See our Cisco Secure Network Analytics vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.