Coming October 25: PeerSpot Awards will be announced! Learn more

RSA NetWitness Endpoint OverviewUNIXBusinessApplication

RSA NetWitness Endpoint is #16 ranked solution in EDR tools and #31 ranked solution in endpoint security software. PeerSpot users give RSA NetWitness Endpoint an average rating of 8.2 out of 10. RSA NetWitness Endpoint is most commonly compared to Microsoft Defender for Endpoint: RSA NetWitness Endpoint vs Microsoft Defender for Endpoint. RSA NetWitness Endpoint is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 24% of all views.
Buyer's Guide

Download the EPP (Endpoint Protection for Business) Buyer's Guide including reviews and more. Updated: September 2022

What is RSA NetWitness Endpoint?
RSA NetWitness Endpoint is an endpoint detection and response solution that employs a combination of live memory analysis, continuous behavioral monitoring, and advanced machine learning to detect known, new, unknown, and non-malware threats that other solutions miss entirely. RSA NetWitness Endpoint helps focus investigations amid thousands of alerts and offers 3X the impact for security teams by considerably reducing attacker dwelltime and accelerating threat response.

RSA NetWitness Endpoint was previously known as RSA ECAT.

RSA NetWitness Endpoint Customers
ADP, Ameritas, Partners Healthcare
RSA NetWitness Endpoint Video

Archived RSA NetWitness Endpoint Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Senior Cyber Security Analyst (SAFe Agile) at a transportation company with 1,001-5,000 employees
Real User
Top 20
Good detection rate and tracking features but triaging of incidents needs improvement
Pros and Cons
  • "We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
  • "The contamination feature could be improved."

What is our primary use case?

We use the solution for the contamination. We detect the incidents and then proceed for the contamination and error notification. For example, there's some intrusion history to the endpoint and there's a partial command that detects the code imbalance. We're able to find it and deal with it.

What is most valuable?

The detection rate and tracking features including historical tracking, tracking of the fires on the desk, and tracking of the file last monitored are all quite valuable for us.

What needs improvement?

The contamination feature could be improved.

For how long have I used the solution?

I've been using the solution for six years now.

Buyer's Guide
EPP (Endpoint Protection for Business)
September 2022
Find out what your peers are saying about RSA, VMware, CrowdStrike and others in EPP (Endpoint Protection for Business). Updated: September 2022.
635,987 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability of the solution is good. I'd rate it seven out of ten overall. We've had minor technical issues.

What do I think about the scalability of the solution?

The solution is highly scalable. Users just need to install the agent on the products. Right now, we have about 1,000 users. We use the solution daily.

How are customer service and support?

We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues.

Which solution did I use previously and why did I switch?

We didn't previously use another solution.

How was the initial setup?

The initial setup was pretty straightforward. We didn't run into any issues. I can't recall how long it took to deploy.

What about the implementation team?

We had a professional service assist us with the initial setup.

What other advice do I have?

We use the on-premises deployment model.

The contamination should be improved. If a new user needs better contamination capabilities, they should use something else.

I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user629541 - PeerSpot reviewer
Security Consultant at a tech services company with 10,001+ employees
Consultant
Good SIEM solution

What is our primary use case?

We are using it as a SIEM tool. 

What is most valuable?

One of the most valuable features is the Orchestrator.

What needs improvement?

This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is stable. We have been using it for some time, without any issues.

What do I think about the scalability of the solution?

I think it would scale nicely but we have not needed to expand our organizational needs yet.

How was the initial setup?

The initial setup was not complex.

What's my experience with pricing, setup cost, and licensing?

I do not have any opinion on the pricing or licensing of the product.

Which other solutions did I evaluate?

I used other solutions such as EnVision in the past.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
EPP (Endpoint Protection for Business)
September 2022
Find out what your peers are saying about RSA, VMware, CrowdStrike and others in EPP (Endpoint Protection for Business). Updated: September 2022.
635,987 professionals have used our research since 2012.
Ayodeji Abimbola - PeerSpot reviewer
Account Manager at a tech services company with 11-50 employees
Real User
Helps our security team respond more accurately when there are threats
Pros and Cons
  • "It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
  • "RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
  • "The initial setup requires a high level of skill."
  • "The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."

What is our primary use case?

It is mainly for market analysis. It has been performing exceedingly well.

How has it helped my organization?

It helps our security team respond more accurately when there are threats, then we get less false positives or negatives.

What is most valuable?

RSA NetWitness does market analysis in a more granular form. It gives you full visibility. You have good visibility across the flow of markets, then you can connect with more security devices across the network. 

What needs improvement?

The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution. However, customers understand the model, so they buy them in modules and put them together.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is good. It does not fail.

What do I think about the scalability of the solution?

It is highly scalable. It can be bought based on your requirements.

How are customer service and technical support?

The product has excellent support.

How was the initial setup?

The initial setup requires a high level of skill, then the setup is good and smooth. If you have the skill, then you will get through it easily.

What's my experience with pricing, setup cost, and licensing?

The pricing is good. It is competitive. With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing. They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend.

What other advice do I have?

I would highly recommend the solution. Just go ahead and get it. It is the best you can get.

We chose a solution of RSA endpoint protection because of the value proposition they offered. It became clear that they have the right solution for a serious enterprise and the security operation center (SOC), and they offered the right value.

It meets our major requirements and gives you peace of mind.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free EPP (Endpoint Protection for Business) Report and find out what your peers are saying about RSA, VMware, CrowdStrike, and more!
Updated: September 2022
Buyer's Guide
Download our free EPP (Endpoint Protection for Business) Report and find out what your peers are saying about RSA, VMware, CrowdStrike, and more!