We performed a comparison between NetWitness Platform and Trellix Advanced Threat Defense based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable feature is the security that it provides."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The newer 11.5 version that my team is using has found it to have good mapping."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"Performance and reporting are very good."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
"It is very scalable."
"I recommend this solution because of its ease of use."
"The most valuable features are the administration console and its detection and response module."
"Provides good exfiltration, and is an all-in-one product."
"It is stable and reliable."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"An area for improvement would be better automation and more inbuilt use cases."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The initial setup is very complex and should be simplified."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"More customizability is required, which is something that they need to improve on."
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"Lacks remote capabilities not dependent on the internet."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
"This solution needs to be made "cloud ready"."
"We'd like them to be better at dealing with script threats."
More Trellix Advanced Threat Defense Pricing and Cost Advice →
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Trellix Advanced Threat Defense is ranked 20th in Advanced Threat Protection (ATP) with 8 reviews. NetWitness Platform is rated 7.4, while Trellix Advanced Threat Defense is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Trellix Advanced Threat Defense writes "Easy to set up and use with a nice interface". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Trellix Advanced Threat Defense is most compared with Microsoft Defender for Office 365, Palo Alto Networks WildFire, Fortinet FortiSandbox, Trellix Network Detection and Response and Microsoft Defender for Identity.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.