"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"The most valuable feature of Microsoft Defender for Office 365 is the ease of use."
"The basic features are okay and I'm satisfied with the Defender."
"Does a thorough job of examining email and URLs for malicious content."
"The good part is that you don't have to configure it, which is very convenient."
"The deployment capability is a great feature."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"It's quite economical compared to other solutions in the market."
"My team, which is using the newer 11.5 version, has found it to have good mapping."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability to integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable features are the packet inspection and the automated incident response."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The solution is really scalable for the high-end power, enterprise customer."
"You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
"Technical support has been helpful and responsive."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"The visibility for the weaknesses in the system and unauthorized access can be improved."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"The custom alerts have to improve a lot."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"I'd like some additional features any product can give me to protect our environment in a better way."
"Technical support could be improved."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"An area for improvement would be better automation and more inbuilt use cases."
"The initial setup is complex. There are other solutions that are easier to implement."
"The solution should have more integration capabilities with different platforms."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"More customizability is required, which is something that they need to improve on."
"The support for new OSs and older OSs could be a little tighter. They need to be more upfront about what protection services they're going to provide on new OSs. I haven't seen the Windows 11 version out yet. It is either already released in Beta, or the Beta will be released soon. There could be a little bit more advanced updates on what they're doing to help protect Windows 11 environments. They can let us know in advance so that we know it is going to be protected. We can't roll out the new OS without putting end-point protection on it. So, they should tell us what is their support model for that, and what are they doing to protect Windows 11. They're not telling me, and that's a criticism. The same issue is applicable to all the other antivirus tools. It is not just Symantec; all of them have this problem."
"Scalability could be better."
Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get integrated threat protection for all of Office 365 that gives you:
- Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.
- Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.
- A complete solution for collaboration that protects you from attacks across the kill chain.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.
Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation-based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.
RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in ATP (Advanced Threat Protection) with 10 reviews while Symantec Advanced Threat Protection is ranked 14th in ATP (Advanced Threat Protection) with 2 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.8, while Symantec Advanced Threat Protection is rated 7.0. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Economical with good technical support and is easily scalable". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Integrated with an email security platform, protects against new threats, but needs tighter support for new OSs and is limited in behavioral and algorithm-based detection capabilities". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, ArcSight Enterprise Security Manager (ESM) and Elastic Security, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, FireEye Network Security, Check Point SandBlast Network, Arbor DDoS and CyberArk Privileged Access Manager.
We monitor all ATP (Advanced Threat Protection) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.