ExtraHop Reveal(x) 360 vs NetWitness XDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
6,000 views|4,488 comparisons
97% willing to recommend
ExtraHop Networks Logo
101 views|75 comparisons
100% willing to recommend
NetWitness Logo
506 views|353 comparisons
87% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ExtraHop Reveal(x) 360 and NetWitness XDR based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ExtraHop Reveal(x) 360 vs. NetWitness XDR Report (Updated: March 2024).
771,740 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability.""The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging.""Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features.""The most valuable aspect is undoubtedly the exploration capability""The most valuable features are spam filtering, attachment filtering, and antivirus protection.""We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence.""The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR.""Microsoft 365 Defender is a stable solution."

More Microsoft Defender XDR Pros →

"It is scalable.""It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management.""It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."

More ExtraHop Reveal(x) 360 Pros →

"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""It is stable. We have been using it for some time, without any issues.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""The most valuable feature is the way it captures the traffic, and it contains every detail of the communication.""The log correlation is good.""The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.""Technical support is knowledgeable.""Ability to isolate the machine when there are malicious files."

More NetWitness XDR Pros →

Cons
"The data recovery and backup could be improved.""Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation.""A simple dashboard without having to use MS Sentinel would be a welcome improvement.""The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform.""Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features.""Microsoft Defender XDR is not a full-fledged EDR or XDR.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things.""There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."

More Microsoft Defender XDR Cons →

"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers.""A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations.""There needs to be more support."

More ExtraHop Reveal(x) 360 Cons →

"The threat intelligence could improve in RSA NetWitness Endpoint.""The contamination feature could be improved.""We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues.""The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge.""When analyzing something, you have to click several times. It requires a lot of effort to find something.""The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features.""The solution lacks a reporting engine.""NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."

More NetWitness XDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
  • More ExtraHop Reveal(x) 360 Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • More NetWitness XDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    771,740 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and… more »
    Top Answer:Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying… more »
    Top Answer:Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally… more »
    Top Answer:It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false… more »
    Top Answer:The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights… more »
    Top Answer:I recommend prioritizing demos over POCs when engaging with vendors. Organizing POCs involves significant time and… more »
    Top Answer:Technical support is knowledgeable.
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
    RSA ECAT, NetWitness Network
    Learn More
    ExtraHop Networks
    Video Not Available
    NetWitness
    Video Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Wizards of the Coast
    ADP, Ameritas, Partners Healthcare
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company15%
    Financial Services Firm13%
    Government10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm13%
    University10%
    Computer Software Company8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government9%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise12%
    Large Enterprise67%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise15%
    Large Enterprise67%
    Buyer's Guide
    ExtraHop Reveal(x) 360 vs. NetWitness XDR
    March 2024
    Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. NetWitness XDR and other solutions. Updated: March 2024.
    771,740 professionals have used our research since 2012.

    ExtraHop Reveal(x) 360 is ranked 23rd in Extended Detection and Response (XDR) with 3 reviews while NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews. ExtraHop Reveal(x) 360 is rated 8.6, while NetWitness XDR is rated 8.0. The top reviewer of ExtraHop Reveal(x) 360 writes "A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". ExtraHop Reveal(x) 360 is most compared with ExtraHop Reveal(x), Forescout Platform and Corelight, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint. See our ExtraHop Reveal(x) 360 vs. NetWitness XDR report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.