ExtraHop Reveal(x) 360 vs NetWitness XDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ExtraHop Reveal(x) 360 and NetWitness XDR based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ExtraHop Reveal(x) 360 vs. NetWitness XDR Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing.""Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability.""The unified view of the threat landscape on a central dashboard is the most valuable feature.""We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button.""I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender.""The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it.""It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done...""I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."

More Microsoft Defender XDR Pros →

"It is scalable.""It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand.""It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."

More ExtraHop Reveal(x) 360 Pros →

"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.""The most valuable feature is the way it captures the traffic, and it contains every detail of the communication.""Technical support is knowledgeable.""It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""The log correlation is good.""It is stable. We have been using it for some time, without any issues."

More NetWitness XDR Pros →

Cons
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team.""I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera.""The design of the user interface could use some work. Sometimes it's hard to find the exact information you need.""The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there.""The licensing is a nightmare and has room for improvement.""This solution could be improved if it included features such as those offered by Malwarebytes.""Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""At times, there may be delays in the execution of certain actions and their effects."

More Microsoft Defender XDR Cons →

"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers.""A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations.""There needs to be more support."

More ExtraHop Reveal(x) 360 Cons →

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious.""I would like to see Security Orchestration and Response Automation (SOAR) integration.""RSA NetWitness Network could improve on integration with non-native application integration.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""When analyzing something, you have to click several times. It requires a lot of effort to find something.""We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues.""The contamination feature could be improved.""The threat intelligence could improve in RSA NetWitness Endpoint."

More NetWitness XDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
  • More ExtraHop Reveal(x) 360 Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • More NetWitness XDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Scanning, vulnerability reporting, and the dashboard are the most valuable features.
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Top Answer:While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a… more »
    Top Answer:It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false… more »
    Top Answer:The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights… more »
    Top Answer:I recommend prioritizing demos over POCs when engaging with vendors. Organizing POCs involves significant time and… more »
    Top Answer:Technical support is knowledgeable.
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
    RSA ECAT, NetWitness Network
    Learn More
    ExtraHop Networks
    Video Not Available
    NetWitness
    Video Not Available
    Interactive Demo
    ExtraHop Networks
    Demo Not Available
    NetWitness
    Demo Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Wizards of the Coast
    ADP, Ameritas, Partners Healthcare
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company12%
    Government12%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm14%
    University11%
    Computer Software Company8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise12%
    Large Enterprise66%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise68%
    Buyer's Guide
    ExtraHop Reveal(x) 360 vs. NetWitness XDR
    March 2024
    Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. NetWitness XDR and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    ExtraHop Reveal(x) 360 is ranked 22nd in Extended Detection and Response (XDR) with 3 reviews while NetWitness XDR is ranked 16th in Extended Detection and Response (XDR) with 15 reviews. ExtraHop Reveal(x) 360 is rated 8.6, while NetWitness XDR is rated 8.0. The top reviewer of ExtraHop Reveal(x) 360 writes "A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". ExtraHop Reveal(x) 360 is most compared with ExtraHop Reveal(x), Fortinet FortiGate IPS, Corelight, Forescout Platform and Vectra AI, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete. See our ExtraHop Reveal(x) 360 vs. NetWitness XDR report.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.