I primarily use NetWitness Endpoint to detect anomalies like the presence of web shields that are not detected by traditional antivirus solutions. I also use it for digital forensics and containment.

We primarily use the solution for NDR. 

The product is mainly used for security, log reviews, and monitoring.

In India, mostly on the requirement segment, we don't deploy the solution on the cloud. We use the solution on-premises.

RSA NetWitness Endpoint is used to get an instant detection response from network threats. Additionally, it has the capability to do malware analysis and investigations.

We use it for IT security purposes. This is our central log management solution. So we incorporate all of our servers and PCs to this software, and we can monitor the logs from there.

We are customers of RSA.

It is our all-in-one platform for logs and packets for our network and for EDR.

We use this solution to detect indicators of compromise, where incidents that occur are analyzed and given risk scores. For example, if the endpoint is of high risk then it will be indicated in red. By contrast, if it's of low risk then it will be indicated in green. The scoring criteria are what we call the Indicators of Compromise.

The overall goal is to detect malware that is affecting the endpoints and then provide a response. It is often used by banks and telecom companies.

We are using this solution as a network forensic tool with other security devices such as IPS and SIEM.

We use the solution for the contamination. We detect the incidents and then proceed for the contamination and error notification. For example, there's some intrusion history to the endpoint and there's a partial command that detects the code imbalance. We're able to find it and deal with it.

We are using it as a SIEM tool. 

It is mainly for market analysis. It has been performing exceedingly well.

We use this solution for network security.