Try our new research platform with insights from 80,000+ expert users

NetWitness NDR vs Stormshield Endpoint Security comparison

NetWitness and Stormshield are both solutions in the Endpoint Protection Platform (EPP) category. NetWitness is ranked #59, while Stormshield is ranked #64. NetWitness holds a 0.3% mindshare in EPP, compared to Stormshield’s 0.2% mindshare. Additionally, 87% of NetWitness users are willing to recommend the solution, compared to 100% of Stormshield users who would recommend it.
NetWitness NDR
Read 15 NetWitness NDR reviews
  • 1,829 Views
  • 530 Comparison Views
87% willing to recommend
Stormshield Endpoint Security
Read 3 Stormshield Endpoint Security reviews
  • 329 Views
  • 299 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Stormshield Endpoint Security and NetWitness NDR compete in the cybersecurity sector, focusing on endpoint protection and network detection and response, respectively. NetWitness NDR appears to have the upper hand due to its advanced features, making it worth the higher cost.

Features: Stormshield Endpoint Security users value its strong malware protection, firewall capabilities, and ease of use in diverse environments. NetWitness NDR is known for comprehensive threat detection, automated response features, and deep packet inspection.

Room for Improvement: Users of Stormshield Endpoint Security indicate a need for better reporting tools, improved customization options, and enhanced analytics. NetWitness NDR users suggest reducing setup complexity, better training resources, and a more user-friendly interface.

Ease of Deployment and Customer Service: Stormshield Endpoint Security is noted for quick and straightforward deployment, supported by responsive customer service. NetWitness NDR deployment is seen as more complex, but customer service is effective once the product is in use.

Pricing and ROI: Stormshield Endpoint Security is considered cost-effective with a solid ROI, making it appealing for budget-conscious buyers. NetWitness NDR, though more expensive, is deemed worth the investment due to its robust capabilities and the perceived higher return on investment.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness NDR vs. Stormshield Endpoint Security Report (Updated: September 2025).
Buyer's Guide
NetWitness NDR vs. Stormshield Endpoint Security
September 2025
Download the complete report
Helped 869,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness NDR
Ranking in Endpoint Protection Platform (EPP)
59th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Threat Intelligence Platforms (TIP) (40th), Endpoint Detection and Response (EDR) (63rd), Security Orchestration Automation and Response (SOAR) (25th), Network Detection and Response (NDR) (19th), Extended Detection and Response (XDR) (37th)
Stormshield Endpoint Security
Ranking in Endpoint Protection Platform (EPP)
64th
Average Rating
8.0
Number of Reviews
3
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of NetWitness NDR is 0.3%, up from 0.2% compared to the previous year. The mindshare of Stormshield Endpoint Security is 0.2%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
NetWitness NDR0.3%
Stormshield Endpoint Security0.2%
Other99.5%
Endpoint Protection Platform (EPP)
 

Featured Reviews

SupravatMaji - PeerSpot reviewer
Beneficial single unified dashboard, good native application integration, and high availability
My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.
Read full review
it_user745593 - PeerSpot reviewer
Protects the global station and has good stability
The feature I find most valuable is that it protects the global station The solution's integration with the Windows environment could be better. The solution needs better integration with products, if it did, it would have the assumption of better security. I've been using the solution since…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It is stable. We have been using it for some time, without any issues."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"This solution allows us to locate the malware in real-time."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Technical support is knowledgeable."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
More NetWitness NDR pros
"The feature I find most valuable is that it protects the global station."
 

Cons

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The solution lacks a reporting engine."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The contamination feature could be improved."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
More NetWitness NDR cons
"The solution's integration with the Windows environment could be better."
 

Pricing and Cost Advice

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"I do not have any opinion on the pricing or licensing of the product."
"We are on a three-year contract to use RSA NetWitness Network."
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"It is highly scalable. It can be bought based on your requirements."
"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
"It is an expensive product."
More NetWitness NDR pricing and cost advice
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
869,760 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
8%
Government
7%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise2
Large Enterprise5
No data available
 

Comparisons

Darktrace vs NetWitness NDR Logo
Darktrace vs NetWitness NDR
Compared 16% of the time
Cortex XDR by Palo Alto Networks vs NetWitness NDR Logo
Cortex XDR by Palo Alto Networks vs NetWitness NDR
Compared 8% of the time
Fidelis Elevate vs NetWitness NDR Logo
Fidelis Elevate vs NetWitness NDR
Compared 8% of the time
Vectra AI vs NetWitness NDR Logo
Vectra AI vs NetWitness NDR
Compared 6% of the time
Corelight vs NetWitness NDR Logo
Corelight vs NetWitness NDR
Compared 6% of the time
More NetWitness NDR Competitors
CrowdStrike Falcon vs Stormshield Endpoint Security Logo
CrowdStrike Falcon vs Stormshield Endpoint Security
Compared 100% of the time
More Stormshield Endpoint Security Competitors
 

Product Reports

Buyer's Guide
NetWitness NDR
September 2025
NetWitness NDR reportDownload NetWitness NDR product report
Buyer's Guide
Endpoint Protection Platform (EPP)
September 2025
Stormshield Endpoint Security reportDownload Stormshield Endpoint Security product report
 

Also Known As

RSA ECAT, NetWitness Network
SkyRecon Systems StormShield Security Suite
 

Overview

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness
Stormshield offers innovative end-to-end security solutions worldwide to protect networks (Stormshield Network Security), workstations (Stormshield Endpoint Security) and data (Stormshield Data Security). These next-generation trusted solutions ensure the protection of strategic information and are deployed through a partner network of distributors, integrators and operators in businesses of all sizes, government institutions and defense organizations worldwide.
Stormshield
 

Sample Customers

ADP, Ameritas, Partners Healthcare
Arkoon, Netasq
Buyer's Guide
NetWitness NDR vs. Stormshield Endpoint Security
September 2025
Free Report: NetWitness NDR vs. Stormshield Endpoint Security
Find out what your peers are saying about NetWitness NDR vs. Stormshield Endpoint Security and other solutions. Updated: September 2025.
DOWNLOAD NOW
869,760 professionals have used our research since 2012.
See our NetWitness NDR vs. Stormshield Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.