We performed a comparison between HP Wolf Security and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The solution was relatively easy to deploy."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus."
"The isolation feature is the most important because it prevents attacks."
"We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."
"It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system."
"I use HP Wolf Security to add a layer of safety, especially for laptops operating in various environments."
"Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it."
"Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event."
"The most valuable feature is the process isolation because it simply stops malware from infecting the machines."
"It is stable. We have been using it for some time, without any issues."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The stability of the RSA NetWitness Endpoint is very good."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"Ability to isolate the machine when there are malicious files."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"Detections could be improved."
"The support needs improvement."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though"
"They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."
"They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things."
"Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming."
"Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path... I don't see that on the computers now. We only get to see that in the console. I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console."
"The tool behaves differently when I ported to Windows 11."
"Initial setup was complex. There were many configurations that needed to be worked out with the vendor. The setup required hands-on assistance from Bromium."
"Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The contamination feature could be improved."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
HP Wolf Security is ranked 47th in Endpoint Protection Platform (EPP) with 8 reviews while NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews. HP Wolf Security is rated 7.8, while NetWitness XDR is rated 8.0. The top reviewer of HP Wolf Security writes "Adds a layer of safety, especially for laptops operating in various environments". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". HP Wolf Security is most compared with Norton Small Business, Bitdefender Total Security, Microsoft Defender for Business, Kaspersky Total Security and Microsoft Defender for Endpoint, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our HP Wolf Security vs. NetWitness XDR report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
