NetWitness NDR vs ThreatBook comparison

NetWitness and ThreatBook are both solutions in the Threat Intelligence Platforms category. NetWitness is ranked #39, while ThreatBook is ranked #16 with an average rating of 9.5. Additionally, 87% of NetWitness users are willing to recommend the solution, compared to 100% of ThreatBook users who would recommend it.

NetWitness NDR

Read 15 NetWitness NDR reviews

219 Views
73 Comparison Views

87% willing to recommend

ThreatBook

Read 2 ThreatBook reviews

35 Views
7 Comparison Views

100% willing to recommend

NetWitness NDR

ThreatBook

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 31, 2025

NetWitness NDR and ThreatBook compete in the network detection and response space. NetWitness NDR is known for its comprehensive threat detection and response, while ThreatBook offers strong threat intelligence features, making both valuable in their own right.

Features: NetWitness NDR provides real-time threat analysis, utilizes machine learning algorithms, and offers comprehensive data logs. ThreatBook specializes in threat intelligence, integrating global threat data for deeper insights and detailed threat assessments.

Ease of Deployment and Customer Service: NetWitness NDR ensures smooth deployment with reliable support for quick setup. ThreatBook delivers a streamlined process and stands out for its personalized customer service.

Pricing and ROI: NetWitness NDR is fairly priced with good ROI owing to its feature set. ThreatBook, despite higher setup costs, promises significant ROI with its sophisticated threat intelligence.

To learn more, read our detailed NetWitness NDR vs. ThreatBook Report (Updated: June 2025).

Buyer's Guide

NetWitness NDR vs. ThreatBook

June 2025

Download the complete report

Helped 857,162 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

NetWitness NDR

Ranking in Threat Intelligence Platforms

39th

Ranking in Network Detection and Response (NDR)

21st

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (59th), Endpoint Detection and Response (EDR) (60th), Security Orchestration Automation and Response (SOAR) (25th), Extended Detection and Response (XDR) (38th)

ThreatBook

Ranking in Threat Intelligence Platforms

16th

Ranking in Network Detection and Response (NDR)

14th

Average Rating

9.6

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Beneficial single unified dashboard, good native application integration, and high availability

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Read full review

Rong Gao

Security Engineer at Jiangsu Zhongtian Technology Co., Ltd.

Enhancement in incident response through reduced false positives and contextual intelligence

ThreatBook has positively impacted our organization by allowing us to detect all alerts and threats effectively. In the past, we needed to search logs from various sources, including terminals, DI servers, and firewalls, collecting a lot of logs and searching the internet for contextual information about threat actors. After using ThreatBook TDP, all alerts and contexts are easily displayed on the dashboard, making it very helpful for us. During the incident response scenario, ThreatBook saves us over 80% of the time for each incident. We usually took about one day or two days for attribution and understanding how the attacker attacked us, but after using ThreatBook TDP, we usually take around one or two hours to finish all these tasks. Additionally, their AI techniques save a lot of time, allowing me to ask in natural language for explanations about the meaning and target of the attacker.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."

"The stability of the RSA NetWitness Endpoint is very good."

"The interface of this solution is very flexible and easy to use."

"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."

"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."

"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."

"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."

"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

More NetWitness NDR pros

"ThreatBook saves us over 80% of time for each incident, reducing the usual time taken from one or two days for attribution to just one or two hours, thanks to their AI techniques."

"ThreatBook saves us over 80% of the time for each incident."

Cons

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."

"RSA NetWitness Network could improve on integration with non-native application integration."

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."

"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."

"Threat detection could be better."

"The solution lacks a reporting engine."

"I would like to see Security Orchestration and Response Automation (SOAR) integration."

More NetWitness NDR cons

"It would be great if ThreatBook could integrate with our ITSM system to streamline the tasks and incident management"

"We’ve seen strong ROI through reduced incident response times, increased threat visibility, and less time wasted on false positives."

Pricing and Cost Advice

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"I do not have any opinion on the pricing or licensing of the product."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"It is highly scalable. It can be bought based on your requirements."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"We are on a three-year contract to use RSA NetWitness Network."

"It is an expensive product."

More NetWitness NDR pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Threat Intelligence Platforms solutions are best for your needs.

See recommendations

857,162 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

16%

Government

Manufacturing Company

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for ThreatBook?

The procurement process is easy because ThreatBook is a subscription model, and when I need it, I just pay for it. The billing experience is clear with no extra fees; all the costs are clearly show...

See all answers

What needs improvement with ThreatBook?

It would be great if ThreatBook could integrate with our ITSM system to streamline the tasks and incident management, and I hope this feature will be provided in the future. Everything is perfect, ...

See all answers

What is your primary use case for ThreatBook?

Mainly, we use ThreatBook TDP to monitor the east-west and north-south network traffic, detect abnormal behaviors, and provide contextual intelligence to support our threat hunting and incident res...

See all answers

Comparisons

Darktrace vs NetWitness NDR

Compared 13% of the time

Fidelis Elevate vs NetWitness NDR

Compared 11% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 9% of the time

Vectra AI vs NetWitness NDR

Compared 7% of the time

ExtraHop Reveal(x) vs NetWitness NDR

Compared 7% of the time

More NetWitness NDR Competitors

No data available

Product Reports

Buyer's Guide

NetWitness NDR

May 2025

Download NetWitness NDR product report

Buyer's Guide

Threat Intelligence Platforms

May 2025

Download ThreatBook product report

Also Known As

RSA ECAT, NetWitness Network

No data available

Overview

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

ThreatBook is a cybersecurity platform that provides advanced threat intelligence to protect networks from evolving threats, utilizing real-time data analytics and comprehensive reporting to bolster defenses.

Designed for enterprises, ThreatBook equips IT teams with insights into the latest threats, integrating seamlessly with existing security infrastructures. It focuses on proactive threat detection and incident response, offering a deep understanding of threat landscapes. The platform is appreciated for its ability to deliver actionable intelligence, enhancing overall network security posture.

What are the key features of ThreatBook?

Real-Time Threat Intelligence: Delivers up-to-date data feeds and alerts to quickly identify emerging threats.
Comprehensive Reporting: Offers detailed reports and dashboards for threat analysis and decision-making.
Seamless Integration: Compatible with existing security systems for cohesive network protection.
Proactive Threat Detection: Utilizes advanced algorithms to identify potential risks before they impact operations.

What benefits and ROI can users expect from ThreatBook?

Enhanced Security Posture: Strengthens defenses against cyber threats with advanced intelligence.
Improved Decision Making: Facilitates informed security decisions with comprehensive threat data.
Efficient Incident Response: Reduces response time to security incidents through real-time alerts.
Scalable Protection: Adapts to the needs of businesses, providing effective security as they grow.

In finance, ThreatBook implementation helps safeguard sensitive financial data, while in healthcare it protects patient information by preventing data breaches. It also supports manufacturing businesses by securing intellectual property from cyber espionage. Each industry benefits from features tailored to its specific threat landscape and priorities.

ThreatBook

Sample Customers

ADP, Ameritas, Partners Healthcare

Information Not Available

Buyer's Guide

NetWitness NDR vs. ThreatBook

June 2025

Free Report: NetWitness NDR vs. ThreatBook

Find out what your peers are saying about NetWitness NDR vs. ThreatBook and other solutions. Updated: June 2025.

DOWNLOAD NOW

857,162 professionals have used our research since 2012.

See our NetWitness NDR vs. ThreatBook report.

See our list of best Threat Intelligence Platforms vendors and best Network Detection and Response (NDR) vendors.

We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.