No more typing reviews! Try our Samantha, our new voice AI agent.

ESET Inspect vs NetWitness NDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
ESET Inspect
Ranking in Endpoint Detection and Response (EDR)
34th
Average Rating
7.6
Reviews Sentiment
7.4
Number of Reviews
7
Ranking in other categories
No ranking in other categories
NetWitness NDR
Ranking in Endpoint Detection and Response (EDR)
59th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Endpoint Protection Platform (EPP) (49th), Threat Intelligence Platforms (TIP) (34th), Security Orchestration Automation and Response (SOAR) (23rd), Network Detection and Response (NDR) (19th), Extended Detection and Response (XDR) (41st)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of ESET Inspect is 1.0%, down from 1.1% compared to the previous year. The mindshare of NetWitness NDR is 1.0%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
ESET Inspect1.0%
NetWitness NDR1.0%
Other94.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Moshiur-Rahman Khan - PeerSpot reviewer
CEO at IOPoint.com
Provides reliable and comprehensive internet security solutions without significant system slowdowns
My organization uses ESET Inspect for antivirus and internet security on laptops and desktops. On the enterprise side, we utilize it on our Windows Server.  The platform has improved our organization's security by providing comprehensive antivirus and internet security solutions. It is fast and…
reviewer1799727 - PeerSpot reviewer
Manager, IT Security Operations at a non-profit with 11-50 employees
Reliable and good support but can be expensive
I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not only rely on the intelligence of the engineer in charge but to have some threat intelligence and some seeds of IOCs and to have the host have some artificial intelligence to reduce the number of false positives. I don't see this solution being very scalable. The solution is pricey.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"It's a perfect solution. It integrates well into the environment."
"I've found the solution to be highly scalable for enterprises."
"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
"The interface is easy to use and it is more up to date than our previous solution."
"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"I have found the solution to be very easy in respect of the integration and configurable."
"Scalability-wise, it is a very good solution."
"This solution is easy to install, setup and monitor."
"ESET Enterprise Inspector's greatest asset lies in its user-friendly interface, which allows for easy navigation and thorough analysis of incidents."
"ESET Enterprise Inspector's most valuable feature is EDR."
"The rules are the best and most useful features."
"I find the multilayered endpoint security the most valuable feature."
"The product's most valuable features are its performance and stability."
"Rules are the most valuable feature of ESET Inspect. They are created through XML language, and they track and filter events from endpoints. If the event matches the rule, the rule is triggered. Exceptions are the second most valuable feature because it gives you the power to filter false positives in large numbers. The third most valuable feature is the Learning mode that facilitates making exceptions for known processes with a good reputation."
"We like the solution doesn't have to be managed by an IT department; it's easy to use and you can still check the machine without the IT department being involved."
"The solution is stable."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The solution is scalable; it creates 3,000 lab logs per second, and I think the solution is suitable for large companies or medium to large companies."
"The detection rate and tracking features including historical tracking, tracking of the fires on the desk, and tracking of the file last monitored are all quite valuable for us."
"It is very easy to use, and its usability is great."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
 

Cons

"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"Based on our experience so far, its implementation is quite complex."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"The configuration could be simplified. I would like to see better protection, specifically to protect email applications."
"The solution eats memory of the computer, unlike anything I've ever seen."
"Fine-tuning the detection policy requires experience because the policy is very complex in Cortex XDR by Palo Alto Networks, and we get high false positive alerts."
"Managing the product should be easier."
"Every vendor is working on making the job of SOC analysts easier, with fewer false positives and more precise detections. ESET uses LiveGrid technology that provides feedback on the reputation of files and operations. It's hard to eliminate all of the false positives, but hopefully, we'll see some improvement with the advances in AI."
"It may be difficult for a first-time customer to understand all of the functions that are available to him."
"The product is complex to configure, and there are too many errors that are not errors, making it an area that can be considered for improvement."
"One area that needs improvement for the product is ransomware protection, which does not offer complete security."
"The solution could improve the consumption of resources. The RAM and CPU usage increases during usage which can cause issues. We have three separate services and it would be beneficial if all were executed from one agent limiting the over usage of system resources."
"The platform's price could be better."
"It is not a stable product. We were disappointed in the stability of this product in comparison to McAffee."
"Threat detection could be better."
"The initial setup requires a high level of skill, then the setup is good and smooth."
"The contamination feature could be improved."
"RSA NetWitness Endpoint is a scalable solution. However, the problem which we normally face is in terms of the migration of the solution."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The solution lacks a reporting engine."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
 

Pricing and Cost Advice

"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"Our customers have expressed that the price is high."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"The solution is expensive. It's pricing is on a yearly-basis."
"It's about $55 per license on a yearly basis."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"This is true in the case of licensing, we do not have the most expensive products, and we don't have the cheapest product, it's somewhere in the middle. Perhaps a little higher from the middle, but we are known for what we provide to our customers, and they are pleased."
"The pricing and licensing are the big issue now, in my opinion. If the price was less than other companies, or a one-time charge for service was available, I think there would be more users of this solution."
"The platform's licensing is affordable and straightforward."
"I feel it is a very expensive product."
"The platform is expensive; it could be cheaper."
"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
"We are on a three-year contract to use RSA NetWitness Network."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"It is highly scalable. It can be bought based on your requirements."
"It is an expensive product."
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"I do not have any opinion on the pricing or licensing of the product."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Comms Service Provider
14%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
7%
Financial Services Firm
12%
Manufacturing Company
9%
Construction Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Large Enterprise2
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise2
Large Enterprise6
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for ESET Inspect?
The platform's licensing is affordable and straightforward. We purchase soft keys, install them, and manage the licen...
What needs improvement with ESET Inspect?
One area that needs improvement for the product is ransomware protection, which does not offer complete security.
What is your primary use case for ESET Inspect?
My organization uses ESET Inspect for antivirus and internet security on laptops and desktops. On the enterprise side...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ESET Enterprise Inspector
RSA ECAT, NetWitness Network
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Mitsubishi Motors, Allianz Suisse, Cannon, T-Mobile
ADP, Ameritas, Partners Healthcare
Find out what your peers are saying about ESET Inspect vs. NetWitness NDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.