We performed a comparison between Cybereason XDR and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The comprehensiveness of Microsoft's threat detection is good."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"Microsoft 365 Defender is a stable solution."
"The summarization of emails is a valuable feature."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Microsoft Defender XDR is scalable."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"The interface of this solution is very flexible and easy to use."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"It is stable. We have been using it for some time, without any issues."
"The log correlation is good."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"Ability to isolate the machine when there are malicious files."
"This solution allows us to locate the malware in real-time."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"Sometimes, configurations take much longer than expected."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The mobile app support for Android and iOS is difficult and needs improvement."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Cybereason's customer support could be better."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"The solution lacks a reporting engine."
"RSA NetWitness Network could improve on integration with non-native application integration."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"The initial setup requires a high level of skill."
"The threat intelligence could improve in RSA NetWitness Endpoint."
Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews while NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews. Cybereason XDR is rated 8.6, while NetWitness XDR is rated 8.0. The top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cybereason XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, Cynet, TEHTRIS XDR and Trend Vision One, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our Cybereason XDR vs. NetWitness XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.