We performed a comparison between NetWitness XDR and Tanium based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"The setup is pretty simple."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The log correlation is good."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"This solution allows us to locate the malware in real-time."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Technical support is knowledgeable."
"It is stable. We have been using it for some time, without any issues."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"The interrogation piece was the most valuable feature because it was very detailed."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"Tanium’s linear-chain architecture is valuable."
"The product is granular and can build complex roles compared to other EDR vendors."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"The security features are very valuable."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution should address emerging threats like SQL injection."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The SIEM could be improved."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR can be improved by providing more detailed reporting."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The contamination feature could be improved."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"Threat detection could be better."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The solution lacks mobility."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"The solution needs to improve the reporting and tracking capabilities."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"Tanium’s scalability could be improved."
"They could improve the UI."
NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews while Tanium is ranked 36th in Endpoint Protection Platform (EPP) with 15 reviews. NetWitness XDR is rated 8.0, while Tanium is rated 7.4. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Configuration Manager, Qualys VMDR and ServiceNow Discovery. See our NetWitness XDR vs. Tanium report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.