We performed a comparison between NetWitness XDR and Secureworks Red Cloak Threat Detection and Response [EOL] based on real PeerSpot user reviews.
"Microsoft 365 Defender is a stable solution."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The log correlation is good."
"Ability to isolate the machine when there are malicious files."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The stability of the RSA NetWitness Endpoint is very good."
"It helps our security team respond more accurately when there are threats, then we get fewer false positives or negatives."
"Technical support is knowledgeable."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"This solution allows us to locate the malware in real-time."
"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."
"The solution does not offer a unified response and standard data."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"Intrusion detection and prevention would be great to have with 365 Defender."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The initial setup requires a high level of skill."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution is modular; for example, you can buy the RSA ePack, which you buy as a module and which is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"There are some automated network response portions that we want to turn up."
NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews while Secureworks Red Cloak Threat Detection and Response [EOL] doesn't meet the minimum requirements to be ranked in Extended Detection and Response (XDR). NetWitness XDR is rated 8.0, while Secureworks Red Cloak Threat Detection and Response [EOL] is rated 8.0. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Secureworks Red Cloak Threat Detection and Response [EOL] writes "Simple deployment with good reports and dashboard". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Secureworks Red Cloak Threat Detection and Response [EOL] is most compared with VMware Carbon Black Endpoint, Cisco SecureX, Splunk SOAR and VMware Carbon Black Cloud.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.