RSA NetWitness Logs and Packets (RSA SIEM) vs Symantec Advanced Threat Protection comparison

Buyer's Guide
RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection
July 2022
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection and other solutions. Updated: July 2022.
620,319 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
Microsoft Defender for Office 365:
  • "The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
  • "The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
  • "The most valuable feature of Microsoft Defender for Office 365 is the ease of use."
  • "The basic features are okay and I'm satisfied with the Defender."
  • "Does a thorough job of examining email and URLs for malicious content."
  • "The good part is that you don't have to configure it, which is very convenient."
  • "The deployment capability is a great feature."
  • "Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
  • "It's quite economical compared to other solutions in the market."
  • "The newer 11.5 version that my team is using has found it to have good mapping."
  • "Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability to integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
  • "The most valuable features are the packet inspection and the automated incident response."
  • "The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
  • "It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
  • "The solution is really scalable for the high-end power, enterprise customer."

Symantec Advanced Threat Protection:
  • "You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
  • "Technical support has been helpful and responsive."

Cons
Microsoft Defender for Office 365:
  • "Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
  • "Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
  • "The visibility for the weaknesses in the system and unauthorized access can be improved."
  • "There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
  • "The custom alerts have to improve a lot."
  • "They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
  • "In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
  • "I'd like some additional features any product can give me to protect our environment in a better way."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "Technical support could be improved."
  • "There are instances where you try to run the reports and then it does not give you the desired outcome."
  • "If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
  • "An area for improvement would be better automation and more inbuilt use cases."
  • "The initial setup is complex. There are other solutions that are easier to implement."
  • "The solution should have more integration capabilities with different platforms."
  • "Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
  • "More customizability is required, which is something that they need to improve on."

Symantec Advanced Threat Protection:
  • "The support for new OSs and older OSs could be a little tighter. They need to be more upfront about what protection services they're going to provide on new OSs. I haven't seen the Windows 11 version out yet. It is either already released in Beta, or the Beta will be released soon. There could be a little bit more advanced updates on what they're doing to help protect Windows 11 environments. They can let us know in advance so that we know it is going to be protected. We can't roll out the new OS without putting end-point protection on it. So, they should tell us what is their support model for that, and what are they doing to protect Windows 11. They're not telling me, and that's a criticism. The same issue is applicable to all the other antivirus tools. It is not just Symantec; all of them have this problem."
  • "Scalability could be better."

Pricing and Cost Advice
Microsoft Defender for Office 365:
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
  • "We are on an annual license for the use of the solution."
  • "RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."

Symantec Advanced Threat Protection: Information Not Available
    Questions from the Community
    Top Answer: The most valuable feature of Microsoft Defender for Office 365 is the ease of use.
    Top Answer: Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system.
    Top Answer: Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For…
    Top Answer: It would help if they could provide the malware analytics in the core package as that would make the cost more…
    Top Answer: I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's…
    Top Answer: The incident management on the solution is very good. You get a lot of detailed information about an incident. You also…
    Top Answer: The solution isn't the least expensive option. Other solutions do cost more, however.
    Top Answer: Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount…
    Also Known As
    Microsoft Defender for Office 365: MS Defender for Office 365
    RSA NetWitness Logs and Packets (RSA SIEM): RSA Security Analytics
    Overview

    Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get integrated threat protection for all of Office 365 that gives you:

    - Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.

    - Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.

    - A complete solution for collaboration that protects you from attacks across the kill chain.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection by log-centric security and network monitoring tools. But logs combined with full packet, endpoint and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

    Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation-based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.

    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply
    Symantec Advanced Threat Protection: ECI
    Top Industries
    Microsoft Defender for Office 365
      Reviewers: Manufacturing Company 25%, Comms Service Provider 25%, Performing Arts 13%, Logistics Company 13%
      Visitors reading reviews: Computer Software Company 21%, Comms Service Provider 20%, Government 7%, Financial Services Firm 6%
    RSA NetWitness Logs and Packets (RSA SIEM)
      Reviewers: Comms Service Provider 31%, Financial Services Firm 25%, Computer Software Company 25%, Manufacturing Company 13%
      Visitors reading reviews: Computer Software Company 25%, Comms Service Provider 21%, Financial Services Firm 10%, Government 8%
    Symantec Advanced Threat Protection
      Reviewers: Insurance Company 18%, Computer Software Company 18%, Comms Service Provider 18%, Financial Services Firm 18%
      Visitors reading reviews: Comms Service Provider 21%, Computer Software Company 20%, Financial Services Firm 7%, Government 7%
    Company Size
    Microsoft Defender for Office 365
      Reviewers: Small Business 29%, Midsize Enterprise 29%, Large Enterprise 43%
      Visitors reading reviews: Small Business 27%, Midsize Enterprise 19%, Large Enterprise 54%
    RSA NetWitness Logs and Packets (RSA SIEM)
      Reviewers: Small Business 26%, Midsize Enterprise 11%, Large Enterprise 63%
      Visitors reading reviews: Small Business 20%, Midsize Enterprise 16%, Large Enterprise 64%
    Symantec Advanced Threat Protection
      Reviewers: Small Business 32%, Midsize Enterprise 11%, Large Enterprise 58%
      Visitors reading reviews: Small Business 25%, Midsize Enterprise 18%, Large Enterprise 57%

    RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in ATP (Advanced Threat Protection) with 10 reviews while Symantec Advanced Threat Protection is ranked 14th in ATP (Advanced Threat Protection) with 2 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.8, while Symantec Advanced Threat Protection is rated 7.0. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Economical with good technical support and is easily scalable". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Integrated with an email security platform, protects against new threats, but needs tighter support for new OSs and is limited in behavioral and algorithm-based detection capabilities". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, ArcSight Enterprise Security Manager (ESM) and Elastic Security, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, FireEye Network Security, Check Point SandBlast Network, Arbor DDoS and CyberArk Privileged Access Manager. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection report.

    We monitor all ATP (Advanced Threat Protection) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.