Try our new research platform with insights from 80,000+ expert users

Morphisec vs NetWitness NDR comparison

Morphisec and NetWitness are both solutions in the Endpoint Protection Platform (EPP) category. Morphisec is ranked #56, while NetWitness is ranked #59. Morphisec holds a 0.4% mindshare in EPP, compared to NetWitness’s 0.3% mindshare. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 87% of NetWitness users who would recommend it.
Morphisec
Read 21 Morphisec reviews
  • 1,161 Views
  • 665 Comparison Views
100% willing to recommend
NetWitness NDR
Read 15 NetWitness NDR reviews
  • 626 Views
  • 482 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

NetWitness NDR and Morphisec are two prominent solutions in network detection and response. Morphisec stands out due to its proactive approach to security, though some users feel it is worth the higher price.

Features: Users highly value NetWitness NDR for its comprehensive network monitoring and analytics. NetWitness NDR excels in detailed forensic analysis. Morphisec is praised for its advanced threat prevention capabilities and lightweight design. Morphisec's strength lies in its proactive defense mechanisms.

Room for Improvement: NetWitness NDR users seek enhancements in its integration capabilities. They also desire a more intuitive learning curve and better scalability. Morphisec users desire expanded reporting features and better scalability. Enhanced integration is also sought after in both products.

Ease of Deployment and Customer Service: NetWitness NDR offers flexible deployment options but receives mixed feedback on complexity. Customer service for NetWitness is well-regarded. Morphisec, noted for its simplicity in deployment, garners positive reviews for customer service efficiency. Morphisec’s ease of deployment is a distinct advantage.

Pricing and ROI: NetWitness NDR is perceived to have higher initial setup costs, yet users acknowledge substantial long-term ROI. Morphisec, despite a higher price point, is seen as an investment worth the cost due to its effective threat mitigation. Morphisec users report quicker ROI due to reduced incidents.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Morphisec vs. NetWitness NDR Report (Updated: April 2025).
Buyer's Guide
Morphisec vs. NetWitness NDR
April 2025
Download the complete report
Helped 848,476 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Morphisec
Ranking in Endpoint Protection Platform (EPP)
56th
Ranking in Endpoint Detection and Response (EDR)
59th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (58th), Advanced Threat Protection (ATP) (33rd), Cloud Workload Protection Platforms (CWPP) (36th), Threat Deception Platforms (14th)
NetWitness NDR
Ranking in Endpoint Protection Platform (EPP)
59th
Ranking in Endpoint Detection and Response (EDR)
63rd
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Threat Intelligence Platforms (35th), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (36th)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Morphisec is 0.4%, up from 0.3% compared to the previous year. The mindshare of NetWitness NDR is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Islam Shaikh - PeerSpot reviewer
Lightweight, detects everything quickly, and takes corrective action
We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.
Read full review
SupravatMaji - PeerSpot reviewer
Beneficial single unified dashboard, good native application integration, and high availability
My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."
"We don't have to do anything as a user or as an admin. It does everything by default with its coding and inbuilt AI-based intelligence. We don't have to instruct it about what to do. It automatically takes corrective actions and quarantines or deletes a virus, malware, etc. That is the best part that I like about it."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
More Morphisec pros
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"The stability of the RSA NetWitness Endpoint is very good."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"The log correlation is good."
"The interface of this solution is very flexible and easy to use."
"Technical support is knowledgeable."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
More NetWitness NDR pros
 

Cons

"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."
"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."
"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."
More Morphisec cons
"The threat intelligence could improve in RSA NetWitness Endpoint."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution lacks a reporting engine."
"RSA NetWitness Network could improve on integration with non-native application integration."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"Threat detection could be better."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
More NetWitness NDR cons
 

Pricing and Cost Advice

"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"The pricing is definitely fair for what it does."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
More Morphisec pricing and cost advice
"I do not have any opinion on the pricing or licensing of the product."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
"We are on a three-year contract to use RSA NetWitness Network."
"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"It is an expensive product."
More NetWitness NDR pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
848,476 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Outsourcing Company
14%
Computer Software Company
13%
Financial Services Firm
12%
Manufacturing Company
8%
Computer Software Company
18%
Financial Services Firm
17%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Comparisons

CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 34% of the time
Halcyon vs Morphisec Logo
Halcyon vs Morphisec
Compared 14% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 12% of the time
Hyver vs Morphisec Logo
Hyver vs Morphisec
Compared 7% of the time
Virsec Security Platform vs Morphisec Logo
Virsec Security Platform vs Morphisec
Compared 7% of the time
More Morphisec Competitors
Darktrace vs NetWitness NDR Logo
Darktrace vs NetWitness NDR
Compared 15% of the time
Fidelis Elevate vs NetWitness NDR Logo
Fidelis Elevate vs NetWitness NDR
Compared 11% of the time
Vectra AI vs NetWitness NDR Logo
Vectra AI vs NetWitness NDR
Compared 9% of the time
Cortex XDR by Palo Alto Networks vs NetWitness NDR Logo
Cortex XDR by Palo Alto Networks vs NetWitness NDR
Compared 8% of the time
Corelight vs NetWitness NDR Logo
Corelight vs NetWitness NDR
Compared 7% of the time
More NetWitness NDR Competitors
 

Product Reports

Buyer's Guide
Morphisec
April 2025
Morphisec reportDownload Morphisec product report
Buyer's Guide
NetWitness NDR
April 2025
NetWitness NDR reportDownload NetWitness NDR product report
 

Also Known As

Morphisec, Morphisec Moving Target Defense
RSA ECAT, NetWitness Network
 

Overview

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

  • Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
  • Memory Morphing: Hides processes to reduce attack surfaces
  • Signatureless Protection: Prevents threats without impacting performance
  • Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
  • Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

  • Quick Deployment: Fast setup without disrupting operations
  • Enhanced Protection: Provides an additional defense layer against advanced threats
  • Cost-Effectiveness: Works with existing licenses, minimizing extra investments
  • Improved Compatibility: Integrates smoothly with current antivirus systems
  • Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness
 

Sample Customers

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
ADP, Ameritas, Partners Healthcare
Buyer's Guide
Morphisec vs. NetWitness NDR
April 2025
Free Report: Morphisec vs. NetWitness NDR
Find out what your peers are saying about Morphisec vs. NetWitness NDR and other solutions. Updated: April 2025.
DOWNLOAD NOW
848,476 professionals have used our research since 2012.
See our Morphisec vs. NetWitness NDR report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.