Try our new research platform with insights from 80,000+ expert users

Morphisec vs NetWitness NDR comparison

Morphisec and NetWitness are both solutions in the Endpoint Protection Platform (EPP) category. Morphisec is ranked #56, while NetWitness is ranked #59. Morphisec holds a 0.4% mindshare in EPP, compared to NetWitness’s 0.3% mindshare. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 87% of NetWitness users who would recommend it.
Morphisec
Read 21 Morphisec reviews
  • 1,136 Views
  • 655 Comparison Views
100% willing to recommend
NetWitness NDR
Read 15 NetWitness NDR reviews
  • 583 Views
  • 452 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

NetWitness NDR and Morphisec are two prominent solutions in network detection and response. Morphisec stands out due to its proactive approach to security, though some users feel it is worth the higher price.

Features: Users highly value NetWitness NDR for its comprehensive network monitoring and analytics. NetWitness NDR excels in detailed forensic analysis. Morphisec is praised for its advanced threat prevention capabilities and lightweight design. Morphisec's strength lies in its proactive defense mechanisms.

Room for Improvement: NetWitness NDR users seek enhancements in its integration capabilities. They also desire a more intuitive learning curve and better scalability. Morphisec users desire expanded reporting features and better scalability. Enhanced integration is also sought after in both products.

Ease of Deployment and Customer Service: NetWitness NDR offers flexible deployment options but receives mixed feedback on complexity. Customer service for NetWitness is well-regarded. Morphisec, noted for its simplicity in deployment, garners positive reviews for customer service efficiency. Morphisec’s ease of deployment is a distinct advantage.

Pricing and ROI: NetWitness NDR is perceived to have higher initial setup costs, yet users acknowledge substantial long-term ROI. Morphisec, despite a higher price point, is seen as an investment worth the cost due to its effective threat mitigation. Morphisec users report quicker ROI due to reduced incidents.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Morphisec vs. NetWitness NDR Report (Updated: April 2025).
Buyer's Guide
Morphisec vs. NetWitness NDR
April 2025
Download the complete report
Helped 850,491 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Morphisec
Ranking in Endpoint Protection Platform (EPP)
56th
Ranking in Endpoint Detection and Response (EDR)
58th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (61st), Advanced Threat Protection (ATP) (34th), Cloud Workload Protection Platforms (CWPP) (37th), Threat Deception Platforms (14th)
NetWitness NDR
Ranking in Endpoint Protection Platform (EPP)
59th
Ranking in Endpoint Detection and Response (EDR)
63rd
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Threat Intelligence Platforms (36th), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (37th)
 

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. The mindshare of NetWitness NDR is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Islam Shaikh - PeerSpot reviewer
Lightweight, detects everything quickly, and takes corrective action
We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.
Read full review
SupravatMaji - PeerSpot reviewer
Beneficial single unified dashboard, good native application integration, and high availability
My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"What's valuable is really the whole kit and caboodle of the Morphisec agent. What it does is genius, in a way, until the bad guys get wise to it. You set it up and then you watch the dashboard. There isn't really much tinkering."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
More Morphisec pros
"The stability of the RSA NetWitness Endpoint is very good."
"This solution allows us to locate the malware in real-time."
"It is stable. We have been using it for some time, without any issues."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"The interface of this solution is very flexible and easy to use."
More NetWitness NDR pros
 

Cons

"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
More Morphisec cons
"The solution lacks a reporting engine."
"Threat detection could be better."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The initial setup requires a high level of skill."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
More NetWitness NDR cons
 

Pricing and Cost Advice

"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"The pricing is definitely fair for what it does."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
More Morphisec pricing and cost advice
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"I do not have any opinion on the pricing or licensing of the product."
"It is highly scalable. It can be bought based on your requirements."
"We are on a three-year contract to use RSA NetWitness Network."
"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
More NetWitness NDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
850,491 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
14%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
8%
Computer Software Company
18%
Financial Services Firm
17%
Government
9%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Comparisons

CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 33% of the time
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 15% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 12% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 7% of the time
Cisco Secure Endpoint vs Morphisec Logo
Cisco Secure Endpoint vs Morphisec
Compared 7% of the time
More Morphisec Competitors
Darktrace vs NetWitness NDR Logo
Darktrace vs NetWitness NDR
Compared 14% of the time
Fidelis Elevate vs NetWitness NDR Logo
Fidelis Elevate vs NetWitness NDR
Compared 11% of the time
Vectra AI vs NetWitness NDR Logo
Vectra AI vs NetWitness NDR
Compared 9% of the time
Cortex XDR by Palo Alto Networks vs NetWitness NDR Logo
Cortex XDR by Palo Alto Networks vs NetWitness NDR
Compared 9% of the time
Corelight vs NetWitness NDR Logo
Corelight vs NetWitness NDR
Compared 7% of the time
More NetWitness NDR Competitors
 

Product Reports

Buyer's Guide
Morphisec
April 2025
Morphisec reportDownload Morphisec product report
Buyer's Guide
NetWitness NDR
April 2025
NetWitness NDR reportDownload NetWitness NDR product report
 

Also Known As

Morphisec, Morphisec Moving Target Defense
RSA ECAT, NetWitness Network
 

Overview

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness
 

Sample Customers

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
ADP, Ameritas, Partners Healthcare
Buyer's Guide
Morphisec vs. NetWitness NDR
April 2025
Free Report: Morphisec vs. NetWitness NDR
Find out what your peers are saying about Morphisec vs. NetWitness NDR and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,491 professionals have used our research since 2012.
See our Morphisec vs. NetWitness NDR report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.