• Home
  • NetWitness Platform vs. Trellix Advanced Threat Defense

NetWitness Platform vs Trellix Advanced Threat Defense comparison

Cancel
You must select at least 2 products to compare!
NetWitness Logo

NetWitness Platform

Read 36 NetWitness Platform reviews
1,183 views|721 comparisons
74% willing to recommend
Trellix Logo

Trellix Advanced Threat Defense

Read 8 Trellix Advanced Threat Defense reviews
811 views|564 comparisons
83% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Log Management
April 2024
Executive Summary

We performed a comparison between NetWitness Platform and Trellix Advanced Threat Defense based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management.
To learn more, read our detailed Log Management Report (Updated: April 2024).
Download the complete report
768,578 professionals have used our research since 2012.
Featured Review
Maurizio Testa
Researched Trellix Advanced Threat Defense but chose NetWitness Platform: Offers good security, integrates well, and they have good technical support
HossamSelim
Easy to set up and use with a nice interface
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing.""Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.""The solution is really scalable for the high-end power, enterprise customer.""The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.""The most valuable feature is the hunting ability to work in a CERT.""It's quite economical compared to other solutions in the market.""Offers a good wireless feature.""The most valuable feature is the correlation. It can report in real-time and monitor the management."

More NetWitness Platform Pros →

"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server.""It is stable and reliable.""The most valuable features are the administration console and its detection and response module.""I recommend this solution because of its ease of use.""Provides good exfiltration, and is an all-in-one product.""It is very scalable.""It stops in excess of twenty-five malware events per month, all of which could be critical to the business."

More Trellix Advanced Threat Defense Pros →

Cons
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.""Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10.""The initial setup was complex because it takes a lot of time to complete the implementation.""An area for improvement would be better automation and more inbuilt use cases.""Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine.""The log system is a bit complex and has room for improvement.""The solution should have more integration capabilities with different platforms.""Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."

More NetWitness Platform Cons →

"I would like to see future versions of the solution incorporate artificial intelligence technology.""This solution needs to be made "cloud ready".""There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client.""We'd like them to be better at dealing with script threats.""Lacks remote capabilities not dependent on the internet.""Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version.""The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."

More Trellix Advanced Threat Defense Cons →

Pricing and Cost Advice
  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."

    • More NetWitness Platform Pricing and Cost Advice →

  • "The product is expensive, but it is better than the rest of them in the industry."
  • "Our licensing fees for this solution are approximately one million dollars per year."

    • More Trellix Advanced Threat Defense Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    768,578 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    What do you like most about NetWitness Platform?
    Top Answer:The product's initial setup phase was not at all difficult.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for NetWitness Platform?
    Top Answer:The product price was reasonable for my region and the market.
    Read all 16 answers   →
    What needs improvement with NetWitness Platform?
    Top Answer:From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building a… more »
    Read all 25 answers   →
    What do you like most about McAfee Advanced Threat Defense?
    Top Answer:It is stable and reliable.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for McAfee Advanced T...
    Top Answer:The product offers good pricing. It was not very expensive.
    Read all 4 answers   →
    What needs improvement with McAfee Advanced Threat Defense?
    Top Answer:The scalability could be better. We'd like them to be better at dealing with script threats. In sandboxing, the time to respond is slower than we would like. We'd like them to be able to process… more »
    Read all 7 answers   →
    Ranking
    20th
    out of 95 in Log Management
    Views
    1,183
    Comparisons
    721
    Reviews
    10
    Average Words per Review
    458
    Rating
    7.2
    20th
    out of 37 in Advanced Threat Protection (ATP)
    Views
    811
    Comparisons
    564
    Reviews
    1
    Average Words per Review
    548
    Rating
    8.0
    Comparisons
    Also Known As
    RSA Security Analytics
    McAfee Advanced Threat Defense
    Learn More
    NetWitness
    Video Not Available
    Trellix
    Overview

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Powerful advanced threat detection

    Uncover Hidden Threats

    Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

    Threat Intelligence Sharing

    Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

    Enable Investigation

    Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

    Sample Customers
    Los Angeles World Airports, Reply
    The Radicati Group, Florida International University, MGM Resorts International, County Durham andDarlington NHS Foundation Trust
    Top Industries
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm24%
    Computer Software Company24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government10%
    Insurance Company6%
    REVIEWERS
    Manufacturing Company29%
    Computer Software Company29%
    Security Firm14%
    Financial Services Firm14%
    VISITORS READING REVIEWS
    Financial Services Firm14%
    Computer Software Company13%
    Manufacturing Company12%
    Government11%
    Company Size
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise67%
    REVIEWERS
    Small Business27%
    Midsize Enterprise36%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise8%
    Large Enterprise69%
    Buyer's Guide
    Log Management
    April 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management. Updated: April 2024.
    DOWNLOAD NOW
    768,578 professionals have used our research since 2012.

    NetWitness Platform is ranked 20th in Log Management with 36 reviews while Trellix Advanced Threat Defense is ranked 20th in Advanced Threat Protection (ATP) with 8 reviews. NetWitness Platform is rated 7.4, while Trellix Advanced Threat Defense is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Trellix Advanced Threat Defense writes "Easy to set up and use with a nice interface". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Trellix Advanced Threat Defense is most compared with Microsoft Defender for Office 365, Palo Alto Networks WildFire, Fortinet FortiSandbox, Trellix Network Detection and Response and Microsoft Defender for Identity.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.