Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs SolarWinds Security Event Manager comparison

NetWitness and SolarWinds are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #29 with an average rating of 8.0, while SolarWinds is ranked #33 with an average rating of 7.8. NetWitness holds a 0.6% mindshare in SIEM, compared to SolarWinds’s 0.6% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 82% of SolarWinds users who would recommend it.
NetWitness Platform
Read 37 NetWitness Platform reviews
  • 1,052 Views
  • 579 Comparison Views
75% willing to recommend
SolarWinds Security Event M...
Read 26 SolarWinds Security Event Manager reviews
  • 1,388 Views
  • 461 Comparison Views
82% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and SolarWinds Security Event Manager compete in the advanced threat detection and security event management category. SolarWinds seems to have the upper hand due to its user-friendly features and ease of integration.

Features: NetWitness Platform is known for its advanced threat detection, real-time monitoring, and robust analytics. SolarWinds Security Event Manager is recognized for comprehensive log management, correlation capabilities, and a wide range of tools, all with user-friendly integration.

Room for Improvement: NetWitness Platform could improve reporting, scalability, and overall performance. SolarWinds Security Event Manager needs enhancements in threat intelligence, alerting mechanisms, and performance. Each product has specific areas for improvement based on user feedback.

Ease of Deployment and Customer Service: NetWitness Platform deployment is complex and requires technical expertise, but customer service is noted for high-quality support. SolarWinds Security Event Manager offers straightforward deployment and a responsive support team, making it easier for users to deploy and access customer service.

Pricing and ROI: NetWitness Platform has higher setup costs but offers significant ROI through advanced threat detection. SolarWinds Security Event Manager is more cost-effective, balancing cost and features, resulting in better overall ROI due to affordability and effectiveness.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. SolarWinds Security Event Manager Report (Updated: June 2025).
Buyer's Guide
NetWitness Platform vs. SolarWinds Security Event Manager
June 2025
Download the complete report
Helped 857,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
29th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (38th)
SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
26
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.8% compared to the previous year. The mindshare of SolarWinds Security Event Manager is 0.6%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review
Rafal-Stas - PeerSpot reviewer
Helpful in areas like event management, log viewing, and information management
The product's initial setup phase on the cloud is pretty easy but on an on-premises version, I think it is of a moderate level. The solution is deployed on the cloud and on an on-premises model. The time required to deploy the solution depends on the customers' infrastructure, and it may range from a couple of weeks to a couple of months, as it depends on how many additional custom configurations are required. Around two to three engineers are usually involved in the tool's installation process.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"NetWitness can be highly beneficial for incident detection and response."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable features are the packet inspection and the automated incident response."
"NetWitness Platform offers flexibility for deployment and robust integration capabilities."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The most valuable feature is the hunting ability to work in a CERT."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable features are the packet decoder, log decoder, and concentrator."
More NetWitness Platform pros
"It performs network behavior monitoring, log monitoring, and disaster recovery monitoring."
"The most valuable feature is the ease of use for the end user."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"We had to integrate with other teams, and the infrastructure deployment didn't take long. The integration involves learning with different teams, networking, and configuring various network devices and servers. Infrastructure deployment only took one or two days."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"The product's most effective part in improving security stems from the fact that the solution is deployed for event management, log viewing, and information management."
"SolarWinds is effective for server, network, and log monitoring. It's also good for IP address management. We also have a patch manager, but we're still working on getting that operational."
"This tool is simple to use."
More SolarWinds Security Event Manager pros
 

Cons

"The implementation needs assistance."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The tool's integration capability isn't so great."
"Health monitoring of the event sources and devices."
More NetWitness Platform cons
"I think the customization area in the tool can be considered as an area of concern where improvements are required."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"There is no correlation made between log entries, so no threat information is presented."
"The only issue is the pricetag. SolarWinds is a costly solution."
"I would like to have a more customizable dashboard."
"It can be difficult for users who are inexperienced with the solution."
"I don't think SolarWinds is scalable enough. It is somewhat limited when I need to deploy it across multiple environments in a distributed architecture."
"It is a very technical program. They can simplify it so that it isn't so hard to deal with."
More SolarWinds Security Event Manager cons
 

Pricing and Cost Advice

"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"It is cheap."
"The product is expensive."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"We are on an annual license for the use of the solution."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
More NetWitness Platform pricing and cost advice
"Licenses can only be purchased in blocks of fifty at a time."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"The pricing model would benefit from having package deals with other SolarWinds products."
"Licensing is on devices, so if you have many, then this may be high."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"The price of SolarWinds Security Event Manager is reasonable."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
857,028 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
18%
Government
6%
Energy/Utilities Company
5%
Educational Organization
60%
Computer Software Company
7%
Financial Services Firm
7%
University
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What do you like most about SolarWinds Security Event Manager ?
The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers.
See all answers
What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
See all answers
What needs improvement with SolarWinds Security Event Manager ?
I think the customization area in the tool can be considered as an area of concern where improvements are required In the future, I want to see the tool have better customization abilities with som...
See all answers
 

Comparisons

Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 24% of the time
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 20% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 14% of the time
RSA enVision vs NetWitness Platform Logo
RSA enVision vs NetWitness Platform
Compared 10% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 9% of the time
More NetWitness Platform Competitors
Wazuh vs SolarWinds Security Event Manager Logo
Wazuh vs SolarWinds Security Event Manager
Compared 34% of the time
Splunk Enterprise Security vs SolarWinds Security Event Manager Logo
Splunk Enterprise Security vs SolarWinds Security Event Manager
Compared 16% of the time
IBM Security QRadar vs SolarWinds Security Event Manager Logo
IBM Security QRadar vs SolarWinds Security Event Manager
Compared 11% of the time
Microsoft Sentinel vs SolarWinds Security Event Manager Logo
Microsoft Sentinel vs SolarWinds Security Event Manager
Compared 9% of the time
ManageEngine Log360 vs SolarWinds Security Event Manager Logo
ManageEngine Log360 vs SolarWinds Security Event Manager
Compared 8% of the time
More SolarWinds Security Event Manager Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
May 2025
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
SolarWinds Security Event Manager
May 2025
SolarWinds Security Event Manager reportDownload SolarWinds Security Event Manager product report
 

Also Known As

RSA Security Analytics
SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

When TriGeo was acquired by SolarWinds, TriGeo SIM became known as SolarWinds Log & Event Manager. This product is a leading Security Information and Event Management (SIEM) product and log management solution, which provides log collection, analysis, and real-time correlation.

SolarWinds
 

Sample Customers

Los Angeles World Airports, Reply
NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
Buyer's Guide
NetWitness Platform vs. SolarWinds Security Event Manager
June 2025
Free Report: NetWitness Platform vs. SolarWinds Security Event Manager
Find out what your peers are saying about NetWitness Platform vs. SolarWinds Security Event Manager and other solutions. Updated: June 2025.
DOWNLOAD NOW
857,028 professionals have used our research since 2012.
See our NetWitness Platform vs. SolarWinds Security Event Manager report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.