We performed a comparison between Cynet and NetWitness XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cynet offers strong ransomware protection and an intuitive interface. NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Cynet needs to expand device support and add customization options. Users suggest improving network monitoring and strengthening integration with other tools. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine.
Service and Support: Cynet's customer service is consistently lauded for its excellence. They have a dedicated support team that is available round the clock, and they also have a contingency plan for urgent incidents. NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours.
Ease of Deployment: Cynet’s setup is highly efficient, with the ability to configure thousands of devices quickly. Some users found the initial setup of NetWitness uncomplicated, but others faced challenges.
Pricing: Customers generally think Cynet's is affordable and a good value for its features. The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support.
ROI: Cynet yields an excellent ROI by preventing cyberattacks and safeguarding sensitive data. NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics.
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The integration between all the Defender products is the most valuable feature."
"I like that it is possible to use the solution to check more information about the users' devices."
"The feature that I have found most valuable is that the configuration and the usage of the product are not so complicated. For people responsible for using this infrastructure for the first line of workstation monitoring, it's quite easy to use."
"I like that you can implement it in the managed service portfolio."
"It can be deployed in autonomous mode, and then it automatically blocks malware threats."
"A reliable security system that automatically quarantines anything suspicious."
"The initial setup is very fast and very easy."
"The visibility it gives is excellent."
"The most valuable feature is the monitored support behind it."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The stability of the RSA NetWitness Endpoint is very good."
"It is stable. We have been using it for some time, without any issues."
"Ability to isolate the machine when there are malicious files."
"Technical support is knowledgeable."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Advanced attacks could use an improvement."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"I think the technical support could be better."
"Cynet could improve when a reverse proxy is being used to connect to the servers. There could be an easier configuration because it is not plug-and-play."
"An administration feature will be useful for Cynet."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"Its dashboard is not so good. On the dashboard, they don't show the count for client endpoints, which is a failure of this product. This count should be shown on the dashboard. I have 1,000 clients, but I can't see it anywhere on the dashboard."
"The command line interface could be improved."
"Cynet fails to deploy the same technology in mobile devices."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The solution lacks a reporting engine."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
Cynet is ranked 17th in Endpoint Protection Platform (EPP) with 35 reviews while NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews. Cynet is rated 8.8, while NetWitness XDR is rated 8.0. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, ESET Endpoint Protection Platform and Cortex XDR by Palo Alto Networks, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our Cynet vs. NetWitness XDR report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Network Detection and Response (NDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
