NetWitness Platform and Microsoft Sentinel are leading solutions in cybersecurity. Based on user reviews, Microsoft Sentinel often stands out due to its comprehensive features and integration capabilities, making it a preferred choice despite potentially higher costs.
Features: NetWitness Platform is praised for its robust threat detection and response capabilities. It offers in-depth packet capture and session analysis, providing granular visibility into network activity. The platform also includes behavior analytics to detect threats based on deviations from normal patterns. Microsoft Sentinel features advanced AI-driven analytics, automating threat detection and response processes. It includes seamless integration with other Microsoft products, enhancing its utility in Microsoft-centric environments. Additionally, Sentinel offers built-in orchestration and automation for streamlined security operations.
Room for Improvement: Users suggest that NetWitness Platform could benefit from enhanced scalability, more intuitive navigation, and better integration with third-party tools. Microsoft Sentinel users request improved alerting mechanisms, more customizable reporting options, and a more user-friendly interface. While suggestions for NetWitness are aimed at usability enhancements, Sentinel users focus on functional refinements.
Ease of Deployment and Customer Service: NetWitness Platform is noted for its straightforward deployment process and reliable customer support. Microsoft Sentinel receives positive feedback for deployment, especially in cloud environments, but some users find its initial setup complex. Customer service for Sentinel garners mixed reviews, with some users experiencing delays in support.
Pricing and ROI: NetWitness Platform is generally seen as requiring a significant initial investment, but users report good ROI over time. Microsoft Sentinel is perceived as more expensive, yet users feel the comprehensive feature set and integration justify the cost, leading to a strong ROI. Pricing strategies differ, with Sentinel's flexible cloud-based pricing appealing to many users. Differences in perceived value highlight each product's pricing strategy and return on investment dynamics.
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.