NetWitness NDR and Trellix Endpoint Detection and Response (EDR) are both strong contenders in network threat detection. Trellix EDR seems to have the upper hand due to its advanced features and better customer service.
Features: User reviews highlight NetWitness NDR for its comprehensive network visibility, incident response capabilities, and overall network threat detection. Trellix EDR is recognized for its robust endpoints monitoring, automatic threat remediation, and advanced threat detection. While both products offer high-quality threat detection, Trellix EDR's automated response features make it a favorite among users.
Room for Improvement: NetWitness NDR users suggest enhancements in scalability, integration flexibility, and overall performance. Trellix EDR users see room for improvement in reporting capabilities, response times, and user interface. Both products have areas to develop, but NetWitness NDR seems to need more work in expanding its integration potential.
Ease of Deployment and Customer Service: NetWitness NDR is commended for its flexible deployment options, but users report inconsistency in customer support. Trellix EDR users find deployment straightforward and praise their support team's responsiveness. Trellix EDR appears to have an edge with smoother deployment and better customer service.
Pricing and ROI: NetWitness NDR users perceive it as cost-effective with good ROI. Trellix EDR is noted for offering value despite higher upfront costs due to superior features. While NetWitness NDR is seen as budget-friendly, Trellix EDR's feature set justifies its pricing for many users.
I have contracted support and also have an operating control so I can get various types of support.
I am seeing, for workflows, some sort of ethical hacking to test our environment.
Trellix Endpoint Detection and Response (EDR) is interesting and is a very good entry point that has been evolving through the last years.
I have spent efforts on training our managers and others - what can software do if the knowledge base is low?
All the tree of data that we have, which may be a lot of information to argue whether it is going to be a threat or not, can be analyzed.
| Product | Market Share (%) |
|---|---|
| Trellix Endpoint Detection and Response (EDR) | 1.1% |
| NetWitness NDR | 0.7% |
| Other | 98.2% |
| Company Size | Count |
|---|---|
| Small Business | 10 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
| Company Size | Count |
|---|---|
| Small Business | 13 |
| Midsize Enterprise | 3 |
| Large Enterprise | 10 |
Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.
Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.
Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.
Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
