Microsoft Defender Threat Intelligence vs NetWitness XDR comparison

You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Microsoft Defender Threat Intelligence and NetWitness XDR based on real PeerSpot user reviews.

Find out in this report how the two Threat Intelligence Platforms solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Microsoft Defender Threat Intelligence vs. NetWitness XDR Report (Updated: January 2024).
755,666 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The product is useful when the end user downloads malware files.""It is very scalable. There are approximately 2,000 endpoints and up to 200 servers in our company.""The user interface is pretty user-friendly.""The product's anti-spam and malware-scanning features are useful. We scan email attachments, documents, and malicious codes.""I value how Threat Intelligence integrates with the different platforms in Microsoft.""Its user-friendliness is its most valuable aspect.""You can use it to monitor third parties and ensure they are not under threat attacks. It is beneficial in the GRC model.""The tool is managed from the cloud, because of which the maintenance is very low."

More Microsoft Defender Threat Intelligence Pros →

"This solution allows us to locate the malware in real-time.""The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in.""It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.""The interface of this solution is very flexible and easy to use.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

More NetWitness XDR Pros →

"The software is expensive.""I would like to see more AI features and capabilities.""The price point is something they can improve slightly for those who don't have an M 365 E5.""Microsoft Defender Threat Intelligence is evolving and needs to fix and enhance numerous issues like stability and licensing. The continuous rebranding and licensing changes are confusing.""I would like to see more integration with other solutions. For example, integration well with Microsoft but not with other solutions.""Technical support could be a bit better.""Having up-to-date documentation and real-time reflections in all portals would be beneficial to keep users informed about any changes. Additionally, the frequent changes in Microsoft's UI and the movement of features between different products in the set pose difficulties.""There could be more automation features included in the product."

More Microsoft Defender Threat Intelligence Cons →

"Threat detection could be better.""The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features.""The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge.""The solution lacks a reporting engine.""Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""RSA NetWitness Network could improve on integration with non-native application integration.""I would like to see Security Orchestration and Response Automation (SOAR) integration."

More NetWitness XDR Cons →

Pricing and Cost Advice
  • "Considering Microsoft is constantly changing licensing, I would give it a seven out of ten. It can be difficult to get your head around it, especially for small to medium-sized enterprises (SMEs)."
  • "They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses."
  • "The product’s pricing is worth it."
  • "The solution can be licensed, but most users would already have it in their Office 365 license."
  • "It is an expensive product."
  • "The tool is expensive as a stand-alone solution. However, it is not cheap when you purchase it as a bundle."
  • "I rate the product's price a six or seven on a scale of one to ten, where one is expensive, and ten is cheap."
  • "I use the product's default version, which is a free one and not the licensed version."
  • More Microsoft Defender Threat Intelligence Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • More NetWitness XDR Pricing and Cost Advice →

    Use our free recommendation engine to learn which Threat Intelligence Platforms solutions are best for your needs.
    755,666 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Microsoft Defender Threat Intelligence is a user-friendly software. It has efficient antivirus features.
    Top Answer:There could be more automation features included in the product.
    Top Answer:The solution is used for threat intelligence. The tool enables us to detect potential breaches and react to them proactively. Alerts are sent to our SOC team. Our SOC team investigates whether it's a… more »
    Top Answer:Technical support is knowledgeable.
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the competition. I cannot speak to the exact pricing of the product.
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not… more »
    Average Words per Review
    Average Words per Review
    Also Known As
    RSA ECAT, NetWitness Network
    Learn More
    Video Not Available
    Video Not Available

    Microsoft Defender Threat Intelligence is a comprehensive security solution that provides organizations with real-time insights into the latest cyber threats. Leveraging advanced machine learning and artificial intelligence capabilities, it offers proactive threat detection and response, enabling businesses to stay one step ahead of attackers. With Microsoft Defender Threat Intelligence, organizations gain access to a vast array of threat intelligence data, including indicators of compromise (IOCs), security incidents, and emerging threats. This data is collected from a wide range of sources, such as Microsoft's global sensor network, industry partners, and security researchers, ensuring comprehensive coverage and accuracy. The solution's advanced analytics and machine learning algorithms analyze this threat intelligence data in real-time, identifying patterns, trends, and anomalies that may indicate a potential security breach. By continuously monitoring the network and endpoints, Microsoft Defender Threat Intelligence can quickly detect and respond to threats, minimizing the impact of attacks and reducing the time to remediation. 

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Sample Customers
    Information Not Available
    ADP, Ameritas, Partners Healthcare
    Top Industries
    Computer Software Company29%
    Financial Services Firm21%
    Non Profit14%
    Manufacturing Company7%
    Computer Software Company20%
    Financial Services Firm9%
    Educational Organization8%
    Computer Software Company15%
    Financial Services Firm15%
    Manufacturing Company7%
    Company Size
    Small Business52%
    Midsize Enterprise5%
    Large Enterprise43%
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise63%
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    Small Business18%
    Midsize Enterprise16%
    Large Enterprise66%
    Buyer's Guide
    Microsoft Defender Threat Intelligence vs. NetWitness XDR
    January 2024
    Find out what your peers are saying about Microsoft Defender Threat Intelligence vs. NetWitness XDR and other solutions. Updated: January 2024.
    755,666 professionals have used our research since 2012.

    Microsoft Defender Threat Intelligence is ranked 3rd in Threat Intelligence Platforms with 21 reviews while NetWitness XDR is ranked 13th in Threat Intelligence Platforms with 7 reviews. Microsoft Defender Threat Intelligence is rated 8.4, while NetWitness XDR is rated 8.0. The top reviewer of Microsoft Defender Threat Intelligence writes "A native Microsoft solution the provides great ROI and continuously improves its offering". On the other hand, the top reviewer of NetWitness XDR writes "Advanced threat detection undermined by issues with blocking". Microsoft Defender Threat Intelligence is most compared with Microsoft Sentinel, STAXX, ThreatConnect Threat Intelligence Platform (TIP), Cisco Threat Grid and Microsoft Defender for Office 365, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and Palo Alto Networks Cortex XSOAR. See our Microsoft Defender Threat Intelligence vs. NetWitness XDR report.

    See our list of best Threat Intelligence Platforms vendors.

    We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.