We performed a comparison between NetWitness XDR and Tanium based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is stable and scalable."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"Technical support is knowledgeable."
"It is stable. We have been using it for some time, without any issues."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The log correlation is good."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"The stability of the RSA NetWitness Endpoint is very good."
"I would say Tanium is the best tool for vulnerability management."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"I like the tool's incident response and security patching."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"The security features are very valuable."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Detections could be improved."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The only minor concern is occasional interference with desired programs."
"We find the solution to be a bit expensive."
"Cannot be used on mobile devices with a secure connection."
"Threat detection could be better."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The contamination feature could be improved."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The most painful thing is the interface. It's a bit unclear sometimes."
"The reporting could be improved."
"The solution can give a lot of false positives."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"The solution needs to improve the reporting and tracking capabilities."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
NetWitness XDR is ranked 35th in Endpoint Detection and Response (EDR) with 15 reviews while Tanium is ranked 26th in Endpoint Detection and Response (EDR) with 15 reviews. NetWitness XDR is rated 8.0, while Tanium is rated 7.4. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Configuration Manager, Qualys VMDR and ServiceNow Discovery. See our NetWitness XDR vs. Tanium report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.