No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Observability vs NetWitness Platform comparison

CrowdStrike and NetWitness are both solutions in the Log Management category. CrowdStrike is ranked #22 with an average rating of 8.0, while NetWitness is ranked #32 with an average rating of 9.0. CrowdStrike holds a 0.8% mindshare in Log Management, compared to NetWitness’s 0.9% mindshare. Additionally, 100% of CrowdStrike users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.
CrowdStrike Observability
Read 7 CrowdStrike Observability reviews
  • 1,318 Views
  • 1,305 Comparison Views
100% willing to recommend
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 2,953 Views
  • 1,595 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between CrowdStrike Observability and NetWitness Platform based on real PeerSpot user reviews.

Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CrowdStrike Observability vs. NetWitness Platform Report (Updated: April 2026).
Buyer's Guide
CrowdStrike Observability vs. NetWitness Platform
April 2026
Download the complete report
Helped 886,719 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CrowdStrike Observability
Ranking in Log Management
22nd
Average Rating
8.2
Reviews Sentiment
5.0
Number of Reviews
7
Ranking in other categories
No ranking in other categories
NetWitness Platform
Ranking in Log Management
32nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Security Information and Event Management (SIEM) (34th)
 

Mindshare comparison

As of April 2026, in the Log Management category, the mindshare of CrowdStrike Observability is 0.8%, up from 0.5% compared to the previous year. The mindshare of NetWitness Platform is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management Mindshare Distribution
ProductMindshare (%)
CrowdStrike Observability0.8%
NetWitness Platform0.9%
Other98.3%
Log Management
 

Featured Reviews

HectorRios - PeerSpot reviewer
HectorRios
IT COMMUNICATIONS AND NETWORKS at Américas BPS
Has provided reliable alerts and helped identify infrastructure issues through detailed reporting
The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls. Additionally, they have the agent, but the presentation in the management console is excellent as we have observability end-to-end with the servers and all the services configured in the use cases. The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues. Identifying performance bottlenecks is important because they collect numerous MD5 or hash keys including movements or playbooks. The way they organize that in the console is excellent, allowing you to have reports detecting issues, which not only includes detection but also provides solutions to those issues.
Read full review
reviewer2256927 - PeerSpot reviewer
reviewer2256927
Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees
A solid SIEM solution that should improve technical support and online resources to be easier to use
A big problem with the product is that we don't have much professional experience in Israel installing, implementing, and integrating this product. There is not enough of a knowledge base. There is no support for this product in this country, so problems have to be resolved through global technical teams. We like to work locally because of the language, and when the product is only supported outside the country, it's a little difficult to implement and use this product. Moreover, AI is something that must be added immediately. Artificial intelligence is a part of the competitors' products, and it's not been implemented for us.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls."
"The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues."
"In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there."
"CrowdStrike Observability offers strong predictive analytics capabilities, and the intelligent alerting system helps minimize noise and optimize IT resources effectively."
"The log aggregation and correlation of data are notable features that enhance our operations."
"I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis."
"CrowdStrike Observability is a signature-less solution where you don't need to update your endpoints or the CrowdStrike Observability agents regularly, and it is completely based on AI and ML search engines."
"The price is worth it."
More CrowdStrike Observability pros
"Setting up NetWitness is straightforward; there are multiple connectors, including standard and specialized connectors, with enhanced capability to integrate custom applications, and from there you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"Overall, it is easy to implement."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"Over time, NetWitness Logs and Packets has matured from a boxed solution with multiple parts to the current, more streamlined version for which we only need the software license to put it up on our own cloud and deliver it to multiple clients."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"Technically speaking, this is a good product."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
More NetWitness Platform pros
 

Cons

"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."
"The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same."
"We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten."
"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period."
"Integration with Huawei should be more straightforward."
"Integration with Huawei should be more straightforward."
"For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial."
"The customer service is not satisfactory for me. The support is only available in English, and my users in LATAM regions such as Peru and Colombia require local language support, which is not currently provided."
More CrowdStrike Observability cons
"I believe they could improve their support, there are often delays."
"An area for improvement would be better automation and more inbuilt use cases."
"Its technical support could be better."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"An area for improvement would be better automation and more inbuilt use cases."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"More customizability is required, which is something that they need to improve on."
"Advance monitoring and alerting feature is not stable (Event Stream Analysis)."
More NetWitness Platform cons
 

Pricing and Cost Advice

Information not available
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"The product price was reasonable for my region and the market."
"The product is expensive."
"It is cheap."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"Compared to the competition, the is price is not that high."
"We are on an annual license for the use of the solution."
More NetWitness Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
886,719 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
12%
Construction Company
9%
Manufacturing Company
7%
Financial Services Firm
12%
Construction Company
8%
Performing Arts
7%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise3
Large Enterprise3
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
 

Questions from the Community

What needs improvement with CrowdStrike Observability?
The product at this moment is really good; CrowdStrike Observability is still working to improve it and they are including new features. At this time, I cannot provide an opinion about what else to...
See all answers
What is your primary use case for CrowdStrike Observability?
We are currently finishing the configuration of the solution, making the playbooks and configurations with the use cases. From CrowdStrike Observability, we use all the solution including XDR and a...
See all answers
What advice do you have for others considering CrowdStrike Observability?
We did not use Falcon Sandbox or Falcon Exposure Management. We are using a local partner and they have a marketplace, but we are working with a local partner from Google. We are just customers, no...
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What is your primary use case for NetWitness Platform?
I use NetWitness Platform ( /products/netwitness-platform-reviews ) in the financial industry as a good product with excellent capabilities and integration with various devices.
See all answers
 

Comparisons

Wazuh vs CrowdStrike Observability Logo
Wazuh vs CrowdStrike Observability
Compared 9% of the time
Lumen Security Log Monitoring vs CrowdStrike Observability Logo
Lumen Security Log Monitoring vs CrowdStrike Observability
Compared 8% of the time
Datadog vs CrowdStrike Observability Logo
Datadog vs CrowdStrike Observability
Compared 8% of the time
Elastic Stack vs CrowdStrike Observability Logo
Elastic Stack vs CrowdStrike Observability
Compared 6% of the time
Amazon OpenSearch Service vs CrowdStrike Observability Logo
Amazon OpenSearch Service vs CrowdStrike Observability
Compared 6% of the time
More CrowdStrike Observability Competitors
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 7% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 7% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 4% of the time
Palo Alto Networks WildFire vs NetWitness Platform Logo
Palo Alto Networks WildFire vs NetWitness Platform
Compared 4% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 3% of the time
More NetWitness Platform Competitors
 

Product Reports

Buyer's Guide
CrowdStrike Observability
April 2026
CrowdStrike Observability reportDownload CrowdStrike Observability product report
Buyer's Guide
NetWitness Platform
March 2026
NetWitness Platform reportDownload NetWitness Platform product report
 

Also Known As

No data available
RSA Security Analytics
 

Overview

Unify security, log management, and observability with the new CrowdStrike Falcon LogScale module, the next evolution of Humio, including the all-new managed Falcon Complete LogScale service.

CrowdStrike

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness
 

Sample Customers

Information Not Available
Los Angeles World Airports, Reply
Buyer's Guide
CrowdStrike Observability vs. NetWitness Platform
April 2026
Free Report: CrowdStrike Observability vs. NetWitness Platform
Find out what your peers are saying about CrowdStrike Observability vs. NetWitness Platform and other solutions. Updated: April 2026.
DOWNLOAD NOW
886,719 professionals have used our research since 2012.
See our CrowdStrike Observability vs. NetWitness Platform report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.