NetWitness NDR vs Secureworks Red Cloak Threat Detection and Response [EOL] comparison

The compared NetWitness and Secureworks solutions aren't in the same category. NetWitness is ranked #20 in NDaR , and holds a 2.2% mindshare in the category. Additionally, 87% of NetWitness users are willing to recommend the solution, compared to 100% of Secureworks users who would recommend it.

NetWitness NDR

Read 15 NetWitness NDR reviews

1,832 Views
605 Comparison Views

87% willing to recommend

Secureworks Red Cloak Threa...

Read 1 Secureworks Red Cloak Threat Detection and Response [EOL] review

100% willing to recommend

NetWitness NDR

Secureworks Red Cloak Threa...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between NetWitness NDR and Secureworks Red Cloak Threat Detection and Response [EOL] based on real PeerSpot user reviews.

Find out what your peers are saying about Darktrace, Vectra AI, Trend Micro and others in Network Detection and Response (NDR).

To learn more, read our detailed Network Detection and Response (NDR) Report (Updated: June 2025).

Buyer's Guide

Network Detection and Response (NDR)

June 2025

Download the complete report

Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

NetWitness NDR

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (59th), Threat Intelligence Platforms (39th), Endpoint Detection and Response (EDR) (63rd), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (38th)

Secureworks Red Cloak Threa...

Average Rating

8.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Beneficial single unified dashboard, good native application integration, and high availability

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Read full review

reviewer1646754

Solutions Architect at a computer software company with 51-200 employees

Simple deployment with good reports and dashboard

In terms of what could be improved, there are a lot of things identified and there is a lot of continuous improvement. A lot of the things are of a short time frame and a lot are way out. There was a tuning process but nothing specifically to call out. As for what could be included in the next release, we are working on the basic feature set. There are probably some things that, as we move through it, we'll come across that are deficient but right now we are not that far along to know. I don't want to say that they could not do certain advancement. For example, there are some automated network response portions that we want to turn up, but we're not ready for that. I don't even know what the capabilities are there, but that's something that, probably in the next 24 months, we will move forward on.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Technical support is knowledgeable."

"The log correlation is good."

"The interface of this solution is very flexible and easy to use."

"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

"Ability to isolate the machine when there are malicious files."

More NetWitness NDR pros

"The features that I have found most valuable are that the search capabilities are easy to use. The dashboards are good. The reports are good. It is just simple from a deployment standpoint - that was easy."

Cons

"I would like to see Security Orchestration and Response Automation (SOAR) integration."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."

"The contamination feature could be improved."

"RSA NetWitness Network could improve on integration with non-native application integration."

"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."

"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."

More NetWitness NDR cons

"There are some automated network response portions that we want to turn up."

Pricing and Cost Advice

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"It is an expensive product."

"It is highly scalable. It can be bought based on your requirements."

"We are on a three-year contract to use RSA NetWitness Network."

"I do not have any opinion on the pricing or licensing of the product."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

More NetWitness NDR pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.

See recommendations

861,524 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

15%

Government

Manufacturing Company

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Comparisons

Darktrace vs NetWitness NDR

Compared 13% of the time

Fidelis Elevate vs NetWitness NDR

Compared 11% of the time

Vectra AI vs NetWitness NDR

Compared 9% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 8% of the time

ExtraHop Reveal(x) vs NetWitness NDR

Compared 7% of the time

More NetWitness NDR Competitors

No data available

Product Reports

Buyer's Guide

NetWitness NDR

June 2025

Download NetWitness NDR product report

Buyer's Guide

Security Incident Response

June 2025

Secureworks Red Cloak Threat Detection and Response [EOL] report

Download Secureworks Red Cloak Threat Detection and Response [EOL] product report

Also Known As

RSA ECAT, NetWitness Network

Red Cloak Threat Detection and Response, Red Cloak TDR

Overview

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

Dell is a part of the Dell Technologies family of brands. Dell Technologies is a unique family of businesses that provides the essential infrastructure for organizations to build their digital future, transform IT and protect their most important asset: information. The company services customers of all sizes across 180 countries – ranging from 98 percent of the Fortune 500 to individual consumers – with the industry's most comprehensive and innovative portfolio from the edge to the core to the cloud.

Secureworks

Sample Customers

ADP, Ameritas, Partners Healthcare

Ricoh

Buyer's Guide

Network Detection and Response (NDR)

June 2025

Download Free Report

Find out what your peers are saying about Darktrace, Vectra AI, Trend Micro and others in Network Detection and Response (NDR). Updated: June 2025.

DOWNLOAD NOW

861,524 professionals have used our research since 2012.

We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.