We performed a comparison between Darktrace and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise."
"I find the complete portfolio to be excellent."
"Darktrace is very flexible."
"The solution can scale."
"A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
"Darktrace is extremely stable."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"The stability of the RSA NetWitness Endpoint is very good."
"It is stable. We have been using it for some time, without any issues."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The log correlation is good."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"The interface of this solution is very flexible and easy to use."
"The interface is too mathematical and it should be simplified."
"Needs to improve its collaboration with local partners."
"I think there is some MSSP missing."
"Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
"The program is quite expensive."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"I'd love them to see maybe covering the cloud a bit more."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"The initial setup requires a high level of skill."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"RSA NetWitness Network could improve on integration with non-native application integration."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The threat intelligence could improve in RSA NetWitness Endpoint."
Darktrace is ranked 1st in Network Detection and Response (NDR) with 65 reviews while NetWitness XDR is ranked 6th in Network Detection and Response (NDR) with 15 reviews. Darktrace is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas NetWitness XDR is most compared with ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete and Palo Alto Networks Cortex XSOAR. See our Darktrace vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.