LogRhythm NDR vs NetWitness XDR Comparison 2024

LogRhythm NDR

NetWitness XDR

LogRhythm NDR

Read 2 LogRhythm NDR reviews

356 views|247 comparisons

NetWitness XDR

Read 15 NetWitness XDR reviews

699 views|492 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

LogRhythm NDR vs. NetWitness XDR

March 2024

Executive Summary

We performed a comparison between LogRhythm NDR and NetWitness XDR based on real PeerSpot user reviews.

Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed LogRhythm NDR vs. NetWitness XDR Report (Updated: March 2024).

Download the complete report

771,212 professionals have used our research since 2012.

Featured Review

Monsur Ahmed

Software management at Midland Bank

Robust cybersecurity with user-friendly interface, efficient threat detection through network traffic analysis, and...

It reduces the need to exert significant effort to achieve results; familiarity with customization and product usage makes accessing any data quite... Read more →

Anonymous User

Senior Cyber Security Analyst (SAFe Agile) at a transportation company

Advanced threat detection undermined by issues with blocking

NetWitness Endpoint has enabled us to detect attacks that bypass the first stage of cybersecurity, like zero-day and advanced attacks.

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"It's an excellent security tool with a user-friendly interface that's easy for anyone to use.""It is a stable solution...It is a scalable solution."

More LogRhythm NDR Pros →

"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.""Technical support is knowledgeable.""The interface of this solution is very flexible and easy to use.""Ability to isolate the machine when there are malicious files.""This solution allows us to locate the malware in real-time.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in.""The log correlation is good.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."

More NetWitness XDR Pros →

Cons

"From an improvement perspective, I would like LogRhythm NDR to reduce the compute size. I would also like LogRhythm NDR to improve the pricing model.""There are opportunities for improvement, particularly in upgrading the expertise of local professionals and addressing support issues, which could potentially lead to cost reduction."

More LogRhythm NDR Cons →

"I would like to see Security Orchestration and Response Automation (SOAR) integration.""RSA NetWitness Network could improve on integration with non-native application integration.""Threat detection could be better.""NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious.""The contamination feature could be improved.""Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training.""The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

More NetWitness XDR Cons →

Pricing and Cost Advice

"There are certain payments to be made towards the licensing costs attached to the product yearly. The pricing of LogRhythm NDR falls under the mid-range, in my opinion."

"When looking at the market and comparing it with other vendors, the cost seems relatively high."

More LogRhythm NDR Pricing and Cost Advice →

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"It is highly scalable. It can be bought based on your requirements."

"I do not have any opinion on the pricing or licensing of the product."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"It is an expensive product."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

More NetWitness XDR Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.

See Recommendations

771,212 professionals have used our research since 2012.

Questions from the Community

What do you like most about LogRhythm NDR?

Top Answer:It is a stable solution...It is a scalable solution.

What is your experience regarding pricing and costs for LogRhythm NDR?

Top Answer:There are certain payments to be made towards the licensing costs attached to the product yearly. The pricing of LogRhythm NDR falls under the mid-range, in my opinion.

What needs improvement with LogRhythm NDR?

Top Answer:I think that if it is possible to leverage on or reduce that compute sizing during the deployment of the solution, then it can save the hardware of the customer, especially if one considers the cost… more »

What do you like most about NetWitness XDR?

Top Answer:Technical support is knowledgeable.

Read all 15 answers →

What is your experience regarding pricing and costs for NetWitness XDR?

Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the competition. I cannot speak to the exact pricing of the product.

Read all 10 answers →

What needs improvement with NetWitness XDR?

Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not… more »

Read all 14 answers →

Ranking

11th

out of 25 in Network Detection and Response (NDR)

Views

356

Comparisons

247

Reviews

Average Words per Review

450

Rating

8.0

9th

out of 25 in Network Detection and Response (NDR)

Views

699

Comparisons

492

Reviews

Average Words per Review

320

Rating

7.8

Comparisons

Darktrace vs. LogRhythm NDR

Compared 47% of the time.

Vectra AI vs. LogRhythm NDR

Compared 27% of the time.

Lumu vs. LogRhythm NDR

Compared 26% of the time.

More LogRhythm NDR Competitors →

Darktrace vs. NetWitness XDR

Compared 15% of the time.

ExtraHop Reveal(x) vs. NetWitness XDR

Compared 12% of the time.

CrowdStrike Falcon vs. NetWitness XDR

Compared 9% of the time.

SentinelOne Singularity Complete vs. NetWitness XDR

Compared 8% of the time.

Microsoft Defender for Endpoint vs. NetWitness XDR

Compared 7% of the time.

More NetWitness XDR Competitors →

Also Known As

LogRhythm MistNet

RSA ECAT, NetWitness Network

Learn More

LogRhythm

Video Not Available

NetWitness

Video Not Available

Overview

Securing your network against advanced persistent threats (APTs) requires greater visibility to detect actors and their actions so that you can reduce your response time. As threats increase, real-time network detection and response (NDR) solutions are more critical than ever.

While other NDR solutions rely solely on machine learning (ML) based threat detection, LogRhythm uses hybrid analytics that combine machine learning, rules-based detection, and threat intelligence to analyze network, user, and host activity. This holistic approach provides a true representation of all activity within the enterprise domain, making it possible to detect lateral movement, exfiltration, malware compromise, ransomware, and other threats in real time.

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

Sample Customers

EMW, Conduent, University of Massachusetts, Deloitte Canada, Central Bank of Barbados, Coalfire

ADP, Ameritas, Partners Healthcare

Top Industries

VISITORS READING REVIEWS

Computer Software Company23%

Government10%

Manufacturing Company9%

Comms Service Provider7%

VISITORS READING REVIEWS

Financial Services Firm15%

Computer Software Company15%

Government8%

Manufacturing Company7%

Company Size

VISITORS READING REVIEWS

Small Business34%

Midsize Enterprise9%

Large Enterprise57%

REVIEWERS

Small Business59%

Midsize Enterprise24%

Large Enterprise18%

VISITORS READING REVIEWS

Small Business17%

Midsize Enterprise16%

Large Enterprise67%

LogRhythm NDR vs NetWitness XDR comparison