NetWitness NDR vs Trellix Endpoint Detection and Response (EDR) comparison

NetWitness and Trellix are both solutions in the Endpoint Detection and Response (EDR) category. NetWitness is ranked #63, while Trellix is ranked #24 with an average rating of 7.5. NetWitness holds a 0.4% mindshare in EDR, compared to Trellix’s 1.0% mindshare. Additionally, 87% of NetWitness users are willing to recommend the solution, compared to 83% of Trellix users who would recommend it.

NetWitness NDR

Read 15 NetWitness NDR reviews

644 Views
502 Comparison Views

87% willing to recommend

Trellix Endpoint Detection ...

Read 23 Trellix Endpoint Detection and Response (EDR) reviews

1,723 Views
1,064 Comparison Views

83% willing to recommend

NetWitness NDR

Trellix Endpoint Detection ...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 9, 2024

NetWitness NDR and Trellix Endpoint Detection and Response (EDR) are both strong contenders in network threat detection. Trellix EDR seems to have the upper hand due to its advanced features and better customer service.

Features: User reviews highlight NetWitness NDR for its comprehensive network visibility, incident response capabilities, and overall network threat detection. Trellix EDR is recognized for its robust endpoints monitoring, automatic threat remediation, and advanced threat detection. While both products offer high-quality threat detection, Trellix EDR's automated response features make it a favorite among users.

Room for Improvement: NetWitness NDR users suggest enhancements in scalability, integration flexibility, and overall performance. Trellix EDR users see room for improvement in reporting capabilities, response times, and user interface. Both products have areas to develop, but NetWitness NDR seems to need more work in expanding its integration potential.

Ease of Deployment and Customer Service: NetWitness NDR is commended for its flexible deployment options, but users report inconsistency in customer support. Trellix EDR users find deployment straightforward and praise their support team's responsiveness. Trellix EDR appears to have an edge with smoother deployment and better customer service.

Pricing and ROI: NetWitness NDR users perceive it as cost-effective with good ROI. Trellix EDR is noted for offering value despite higher upfront costs due to superior features. While NetWitness NDR is seen as budget-friendly, Trellix EDR's feature set justifies its pricing for many users.

To learn more, read our detailed NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR) Report (Updated: April 2025).

Buyer's Guide

NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR)

April 2025

Download the complete report

Helped 848,476 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

8.0

Implementing NetWitness NDR enhances security, improves network visibility, reduces costs, and boosts efficiency and productivity for businesses.

Sentiment score

5.8

Trellix EDR offers improved security and compliance but has mixed reviews on cost-effectiveness and management needs.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Customer Service

Sentiment score

7.3

NetWitness NDR's customer service is generally efficient and highly regarded, though some users report occasional slow response times.

Sentiment score

8.1

Trellix EDR customer service quality is inconsistent, with mixed reviews on response times, language barriers, and support effectiveness.

No quotes available

For more quotes and insights, download the NetWitness NDR report

I have contracted support and also have an operating control so I can get various types of support.

CESARCASTRO

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Scalability Issues

Sentiment score

7.0

NetWitness NDR is scalable for large enterprises, though some users report issues with scalability and agent migration.

Sentiment score

7.5

Trellix EDR provides scalable solutions for businesses of all sizes, despite some concerns about operational issues and performance.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Stability Issues

Sentiment score

7.7

NetWitness NDR is generally reliable, providing real-time data and stability, though minor technical issues are occasionally reported.

Sentiment score

7.6

Trellix EDR is praised for stability and performance, but some browser and deployment issues have been noted.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Room For Improvement

NetWitness NDR requires improvements in UI, scalability, detectability, integration, session times, pricing, training, and features, making it complex and slow.

Trellix EDR needs enhanced performance, integration, user interface, historical search, and streamlined management for better user experience.

No quotes available

For more quotes and insights, download the NetWitness NDR report

I am seeing, for workflows, some sort of ethical hacking to test our environment.

CESARCASTRO

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Setup Cost

Trellix EDR pricing starts at $25,000, offers flexibility for startups, but advanced features and retention fees can increase costs.

No quotes available

For more quotes and insights, download the NetWitness NDR report

No quotes available

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Valuable Features

NetWitness NDR offers high detection rates, real-time malware response, third-party integration, and a user-friendly, interoperable interface with advanced analytics.

Trellix Endpoint Detection and Response provides scalable, automated cybersecurity with real-time monitoring, threat visualization, and seamless integration capabilities.

No quotes available

For more quotes and insights, download the NetWitness NDR report

I have spent efforts on training our managers and others - what can software do if the knowledge base is low?

CESARCASTRO

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

For more quotes and insights, download the Trellix Endpoint Detection and Response (EDR) report

Categories and Ranking

NetWitness NDR

Ranking in Endpoint Detection and Response (EDR)

63rd

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (59th), Threat Intelligence Platforms (35th), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (36th)

Trellix Endpoint Detection ...

Ranking in Endpoint Detection and Response (EDR)

24th

Average Rating

7.4

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of April 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of NetWitness NDR is 0.4%, up from 0.3% compared to the previous year. The mindshare of Trellix Endpoint Detection and Response (EDR) is 1.0%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR)

Featured Reviews

SupravatMaji

Associate Vice President - IT Security at Inspira Enterprise

Beneficial single unified dashboard, good native application integration, and high availability

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Read full review

CESARCASTRO

Committee of IT Cybersececurity at a energy/utilities company with 51-200 employees

Enhancements needed for security alerts while ongoing training strengthens defenses

This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment. Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

848,476 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Financial Services Firm

17%

Manufacturing Company

Government

Computer Software Company

14%

Financial Services Firm

12%

Government

12%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Ask a question

Earn 20 points

What do you like most about McAfee MVISION Endpoint Detection and Response?

Trellix has a user-friendly interface.

See all answers

What is your experience regarding pricing and costs for McAfee MVISION Endpoint Detection and Response?

I haven't had any really great problems with pricing in the past two or three years.

See all answers

What needs improvement with McAfee MVISION Endpoint Detection and Response?

See all answers

Comparisons

Darktrace vs NetWitness NDR

Compared 15% of the time

Fidelis Elevate vs NetWitness NDR

Compared 11% of the time

Vectra AI vs NetWitness NDR

Compared 9% of the time

Cortex XDR by Palo Alto Networks vs NetWitness NDR

Compared 8% of the time

Corelight vs NetWitness NDR

Compared 7% of the time

More NetWitness NDR Competitors

Trellix Endpoint Security (ENS) vs Trellix Endpoint Detection and Response (EDR)

Compared 51% of the time

CrowdStrike Falcon vs Trellix Endpoint Detection and Response (EDR)

Compared 15% of the time

Microsoft Defender for Endpoint vs Trellix Endpoint Detection and Response (EDR)

Compared 6% of the time

Trend Vision One vs Trellix Endpoint Detection and Response (EDR)

Compared 5% of the time

Cortex XDR by Palo Alto Networks vs Trellix Endpoint Detection and Response (EDR)

Compared 5% of the time

More Trellix Endpoint Detection and Response (EDR) Competitors

Product Reports

Buyer's Guide

NetWitness NDR

April 2025

Download NetWitness NDR product report

Buyer's Guide

Trellix Endpoint Detection and Response (EDR)

March 2025

Trellix Endpoint Detection and Response (EDR) report

Download Trellix Endpoint Detection and Response (EDR) product report

Also Known As

RSA ECAT, NetWitness Network

McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response

Overview

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

Reduce Alert Noise

Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption.

Do More with Existing Resources

Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources.

Low-Maintenance Cloud Solution

Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you.

Trellix

Sample Customers

ADP, Ameritas, Partners Healthcare

Sutherland Global Services

Buyer's Guide

NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR)

April 2025

Free Report: NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR)

Find out what your peers are saying about NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR) and other solutions. Updated: April 2025.

DOWNLOAD NOW

848,476 professionals have used our research since 2012.

See our NetWitness NDR vs. Trellix Endpoint Detection and Response (EDR) report.

See our list of best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.