Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Snare comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Log Management
37th
Ranking in Security Information and Event Management (SIEM)
29th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
No ranking in other categories
Snare
Ranking in Log Management
40th
Ranking in Security Information and Event Management (SIEM)
42nd
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
3
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Log Management category, the mindshare of NetWitness Platform is 0.3%, down from 0.4% compared to the previous year. The mindshare of Snare is 0.3%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Frank Eargle - PeerSpot reviewer
A highly scalable solution that is easy to manage and super easy to set up
We use Snare for picking up Windows logs, and we used to use it for SQL as well. We had used it for Linux once or twice. We're mainly using it for Windows and Windows flat files The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable features are the packet inspection and the automated incident response."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The best thing about Snare is its format and consistency."
"The most valuable feature of Snare is flexibility or the ability to filter all things you don't want and don't have security value."
"Snare has good agents, especially for Windows."
 

Cons

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The log system is a bit complex and has room for improvement."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"It is not so easy to customize this product."
"More customizability is required, which is something that they need to improve on."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The solution is now developing a SIEM-like feature on Snare Central Server, but it's not complete yet."
"Snare should modernize its GUI a little bit."
"Users will initially find it difficult to identify the event types and installation in Snare."
 

Pricing and Cost Advice

"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"It is cheap."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"Compared to the competition, the is price is not that high."
"This is a pricey solution; it's not cheap."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"Snare is a cheap solution because a lot of customers are using it."
"Snare has reasonable pricing."
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate Snare's pricing a four out of ten."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
17%
Manufacturing Company
5%
Real Estate/Law Firm
5%
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
12%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
What do you like most about Snare?
The best thing about Snare is its format and consistency.
What is your experience regarding pricing and costs for Snare?
Snare is a cheap solution because a lot of customers are using it.
What needs improvement with Snare?
Users will initially find it difficult to identify the event types and installation in Snare.
 

Also Known As

RSA Security Analytics
No data available
 

Overview

 

Sample Customers

Los Angeles World Airports, Reply
Military, Defence and Security Agencies, Banking Finance and Insurance companies, Retail, Health and Utilities.
Find out what your peers are saying about NetWitness Platform vs. Snare and other solutions. Updated: June 2025.
861,481 professionals have used our research since 2012.