We performed a comparison between Darktrace and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like about Darktrace, is that you can quickly identify threats."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"I find the complete portfolio to be excellent."
"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
"The active threat dashboard is the most valuable feature of this solution."
"It's a very stable product."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"This solution allows us to locate the malware in real-time."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The interface of this solution is very flexible and easy to use."
"Technical support is knowledgeable."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It is stable. We have been using it for some time, without any issues."
"Ability to isolate the machine when there are malicious files."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"I believe their network monitoring device licensing module could use some improvement."
"The solution can improve the reporting."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."
"I think there is some MSSP missing."
"The module can improve so that every time it's more intelligent."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"The solution could be easier to use."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The initial setup requires a high level of skill."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The solution lacks a reporting engine."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"RSA NetWitness Network could improve on integration with non-native application integration."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
Darktrace is ranked 1st in Network Detection and Response (NDR) with 66 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Darktrace is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas NetWitness XDR is most compared with ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete, Vectra AI and Microsoft Defender for Endpoint. See our Darktrace vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.