NetWitness NDR and ThreatLocker Zero Trust Endpoint Protection Platform are competing cybersecurity solutions in network detection and endpoint protection. While NetWitness NDR has an edge in pricing and support, ThreatLocker offers a more robust feature set, making it a potentially better investment despite the higher cost.
Features: NetWitness NDR is notable for providing comprehensive network visibility, behavioral analysis, and threat intelligence integration, making it proficient in detecting and responding to advanced threats. ThreatLocker Zero Trust Endpoint Protection Platform features application whitelisting, ringfencing, and storage control to prevent unauthorized applications and potential breaches. The key difference is NetWitness’s network-centric approach versus ThreatLocker’s focus on endpoint protection, catering to distinct security needs.
Room for Improvement: NetWitness NDR could enhance its ease of use and reduce the complexity of its deployment process. It might also benefit from simplifying its configuration interfaces. ThreatLocker, on the other hand, could expand its integration capabilities with more third-party solutions, enhance its reporting tools, and refine its user interface for deeper granular controls.
Ease of Deployment and Customer Service: NetWitness NDR has a complex deployment process that may require time and assistance, but this is mitigated by its comprehensive customer support. ThreatLocker emphasizes a quicker deployment and user-friendly approach, enhanced by responsive customer service, making it easy to implement and manage.
Pricing and ROI: NetWitness NDR is perceived as having a lower setup cost, providing good ROI through its threat detection and network visibility. In comparison, ThreatLocker may incur a higher initial expense but justifies its pricing with enhanced security features and long-term savings in breach prevention.
If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.
The main return on investment is peace of mind, knowing that with ThreatLocker on any endpoint, it will almost always block all malicious code or exploits, even zero-day exploits.
It keeps malware, Trojans, and ransomware at bay.
They have been very responsive, helpful, and knowledgeable.
I would rate their customer support a ten out of ten.
Their support is world-class.
I started off with just the servers, and within a month and a half, I set up the entire company with ThreatLocker.
It seems to primarily operate on the endpoints rather than at a central location pushing out policies.
I would rate it a ten out of ten for scalability.
For five years, we have not had a problem.
Once deployed, it downloads the policies locally, so even if the computer doesn't have internet, it doesn't matter.
It has been very stable, reliable, and accessible.
Controlling the cloud environment, not just endpoints, is crucial.
This is problematic when immediate attention is needed.
Comprehensive 24-hour log monitoring is a valuable enhancement for both business and enterprise-level users.
After conversations with other partners, it became clear we underpriced it initially, which caused most of our issues.
We are moving towards the Unified solution, where they basically bundle everything together, providing us better stability with the ability to bring in new product offerings without having to go back to the customer and say, 'This is going to cost you.'
I had a really good deal at the time, and it continues to be cost-effective.
ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications has been excellent.
It protects our customers.
The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.
| Product | Market Share (%) |
|---|---|
| ThreatLocker Zero Trust Endpoint Protection Platform | 1.1% |
| NetWitness NDR | 0.5% |
| Other | 98.4% |
| Company Size | Count |
|---|---|
| Small Business | 10 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
| Company Size | Count |
|---|---|
| Small Business | 32 |
| Midsize Enterprise | 4 |
| Large Enterprise | 3 |
Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.
ThreatLocker Zero Trust Endpoint Protection Platform empowers organizations with application control, selective elevation, and ring-fencing to enhance security and prevent unauthorized access.
ThreatLocker provides comprehensive security management using application allowlisting to ensure only approved software operates across servers and workstations. The platform's centralized management simplifies security processes by consolidating multiple tools, and its robust capabilities align with zero-trust strategies by actively blocking unauthorized applications and ensuring compliance. Users note intuitive features such as mobile access, helpful training resources, and responsive support, which effectively reduce operational costs and help desk inquiries. The managed service providers prefer ThreatLocker to maintain network integrity by preventing malicious scripts and unauthorized access attempts. However, users identify room for growth in training and support flexibility, the interface, and certain technical challenges like network saturation from policy updates.
What are the most important features?Organizations utilize ThreatLocker for application allowlisting, ensuring only authorized software operates to prevent unauthorized access efficiently. Deployed across servers and workstations, its features support zero-trust principles and are favored by managed service providers for application management and network integrity.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
