We performed a comparison between Darktrace and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like about Darktrace, is that you can quickly identify threats."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"The solution is stable. We've never had any problems with it."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"Technical support is knowledgeable."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"This solution allows us to locate the malware in real-time."
"The stability of the RSA NetWitness Endpoint is very good."
"Ability to isolate the machine when there are malicious files."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"It is stable. We have been using it for some time, without any issues."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"I think there is some MSSP missing."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"The price point for the product was too high for what our possible use case could be."
"It's quite expensive to have."
"The contamination feature could be improved."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"RSA NetWitness Network could improve on integration with non-native application integration."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"Threat detection could be better."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
Darktrace is ranked 1st in Network Detection and Response (NDR) with 65 reviews while NetWitness XDR is ranked 6th in Network Detection and Response (NDR) with 15 reviews. Darktrace is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas NetWitness XDR is most compared with ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Vectra AI. See our Darktrace vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.