Try our new research platform with insights from 80,000+ expert users

NetWitness NDR vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
8.0
Implementing NetWitness NDR enhances security, improves network visibility, reduces costs, and boosts efficiency and productivity for businesses.
Sentiment score
7.6
Sumo Logic Security enhances efficiency and ROI by streamlining troubleshooting and log access without needing widespread credential distribution.
 

Customer Service

Sentiment score
7.3
NetWitness NDR's customer service is generally efficient and highly regarded, though some users report occasional slow response times.
Sentiment score
7.4
Sumo Logic Security's customer support is praised for responsiveness and effectiveness, although some report slower responses and no phone support.
They have a response time of forty-eight hours, which is not instant support.
 

Scalability Issues

Sentiment score
7.0
NetWitness NDR is scalable for large enterprises, though some users report issues with scalability and agent migration.
Sentiment score
8.0
Sumo Logic Security is highly scalable, efficiently accommodating diverse environments and data volumes, with users rating its scalability highly.
 

Stability Issues

Sentiment score
7.7
NetWitness NDR is generally reliable, providing real-time data and stability, though minor technical issues are occasionally reported.
Sentiment score
8.1
Sumo Logic Security is stable and efficient, experiencing minimal issues, with stability ratings from seven to nine out of ten.
If there are many records, the system may stop or the UI may become unresponsive.
 

Room For Improvement

NetWitness NDR requires improvements in UI, scalability, detectability, integration, session times, pricing, training, and features, making it complex and slow.
Sumo Logic Security needs better dashboards, pricing, automation, scalability, log handling, correlation, mapping, and faster support response.
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk.
 

Setup Cost

Sumo Logic offers competitive pricing on AWS Marketplace, valued for simplicity and functionality but costly for smaller organizations.
 

Valuable Features

NetWitness NDR offers high detection rates, real-time malware response, third-party integration, and a user-friendly, interoperable interface with advanced analytics.
Sumo Logic Security provides customizable alerts, real-time observability, and seamless integrations for comprehensive, scalable security monitoring and forensics.
If we cannot find the data in other tools, like email security or NDR, we can fetch those logs in the Log Analytics platform of Sumo Logic.
 

Categories and Ranking

NetWitness NDR
Ranking in Security Orchestration Automation and Response (SOAR)
25th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Endpoint Protection Platform (EPP) (58th), Threat Intelligence Platforms (33rd), Endpoint Detection and Response (EDR) (60th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (34th)
Sumo Logic Security
Ranking in Security Orchestration Automation and Response (SOAR)
13th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
19
Ranking in other categories
Log Management (21st), Security Information and Event Management (SIEM) (21st)
 

Mindshare comparison

As of December 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of NetWitness NDR is 0.4%, up from 0.4% compared to the previous year. The mindshare of Sumo Logic Security is 0.8%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

SupravatMaji - PeerSpot reviewer
Beneficial single unified dashboard, good native application integration, and high availability
My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.
Moole Muralidhara Reddy - PeerSpot reviewer
Used to store and monitor application logs and VPC flow logs
We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it. If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google. We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users. I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything. Overall, I rate the solution a nine out of ten.
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
824,145 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
9%
Government
8%
Computer Software Company
16%
Financial Services Firm
11%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Sumo Logic Security?
Sumo Logic Security is a good solution for searching the logs and identifying the issues.
What needs improvement with Sumo Logic Security?
The correlation rules and log mapping are not as mature compared to other SIM tools like Splunk. Sometimes logs will not fetch, and there are issues if the log volume exceeds a threshold. Not every...
 

Also Known As

RSA ECAT, NetWitness Network
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

ADP, Ameritas, Partners Healthcare
Information Not Available
Find out what your peers are saying about NetWitness NDR vs. Sumo Logic Security and other solutions. Updated: December 2024.
824,145 professionals have used our research since 2012.