CrowdStrike Observability vs NetWitness Platform comparison

"The price is worth it."

"CrowdStrike Observability is a signature-less solution where you don't need to update your endpoints or the CrowdStrike Observability agents regularly, and it is completely based on AI and ML search engines."

"In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there."

"The log aggregation and correlation of data are notable features that enhance our operations."

"I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis."

"The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls."

"The intelligence database provided by CrowdStrike is very impressive."

"The intelligence database provided by CrowdStrike is very impressive."

"The most valuable features are the packet inspection and the automated incident response."

"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."

"The newer 11.5 version that my team is using has found it to have good mapping."

"The most valuable features are the threat prediction and network forensics."

"NetWitness can be highly beneficial for incident detection and response."

"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."

"The most valuable feature is the security that it provides."

"It's quite economical compared to other solutions in the market."

"Technical support received a rating of 4 out of 10."

"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial."

"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."

"The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same."

"Integration with Huawei should be more straightforward."

"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."

"Integration with Huawei should be more straightforward."

"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period."

"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."

"I believe that integrating the solution with other products such as Oracle would be beneficial."

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."

"An area for improvement would be better automation and more inbuilt use cases."

"There is no support for this product in this country, so problems have to be resolved through global technical teams."

"The solution should have more integration capabilities with different platforms."

"It is not so easy to customize this product."

"The implementation needs assistance."

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."

"We are on an annual license for the use of the solution."

"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."

"The licenses are good but the cost is very expensive."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."

"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."