Try our new research platform with insights from 80,000+ expert users

NetWitness NDR vs Sumo Logic Security comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

NetWitness NDR
Ranking in Security Orchestration Automation and Response (SOAR)
27th
Average Rating
8.0
Number of Reviews
15
Ranking in other categories
Endpoint Protection Platform (EPP) (59th), Threat Intelligence Platforms (33rd), Endpoint Detection and Response (EDR) (59th), Network Detection and Response (NDR) (18th), Extended Detection and Response (XDR) (34th)
Sumo Logic Security
Ranking in Security Orchestration Automation and Response (SOAR)
12th
Average Rating
8.6
Number of Reviews
18
Ranking in other categories
Log Management (19th), Security Information and Event Management (SIEM) (19th)
 

Mindshare comparison

As of November 2024, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of NetWitness NDR is 0.5%, up from 0.4% compared to the previous year. The mindshare of Sumo Logic Security is 0.8%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

SupravatMaji - PeerSpot reviewer
Jun 23, 2022
Beneficial single unified dashboard, good native application integration, and high availability
The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good RSA NetWitness Network could improve on integration with non-native application…
Moole Muralidhara Reddy - PeerSpot reviewer
Mar 26, 2024
Used to store and monitor application logs and VPC flow logs
We are mainly concentrating on networking. We use VPC products and application logs to monitor the genuineness of users who have logged in. We also store and monitor GuardDuty logs to see if someone is trying to access the same server multiple times. We are storing and monitoring WAF logs and GuardDuty logs. If someone faces any issues, we'll receive an email and take action based on it. If someone tries to access one of the applications from a different country, we can search in Google and identify the location of that particular IP address. Sumo Logic Security identifies whether a particular IP address is low, medium, or high risk without the help of Google. We can store logs in CloudWatch, but it is very difficult to search them in CloudWatch. We should know the query in order to do that. Searching for logs with Sumo Logic Security is very easy compared to CloudWatch. We have been using the solution for more than two years and haven't faced any issues with the solution's availability. I would recommend the solution to other users. I would recommend Sumo Logic Security instead of AWS, CloudWatch, or CloudTrail. With Sumo Logic Security, you can capture and see all the logs in a single place. If some issues occur, you can log into the solution and verify all the logs. At an organizational level, we have multiple AWS accounts for different environments. Instead of logging in to all the AWS accounts, you can log in to Sumo Logic Security and verify everything. Overall, I rate the solution a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"It is stable. We have been using it for some time, without any issues."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"Ability to isolate the machine when there are malicious files."
"Technical support is knowledgeable."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"The stability of the RSA NetWitness Endpoint is very good."
"It helps a lot because we can troubleshoot issues pretty easily."
"Scalability has been good for our needs. We haven't run into any scaling issues in regards to size so far."
"We have used it many times to find a root cause of a live issue, then fix the problem in the applications."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The solution is quite stable."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Sumo Logic is an easy solution to use. You can set it up very quickly, and it includes a lot of training videos."
 

Cons

"Threat detection could be better."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"Sumo Logic needs to make sure integrating solutions are seamless."
"The integration with multiple sources could be better."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"If you look at some of the other offerings right now that are available in the market, they do offer APM as well as the product they're offering. I believe Sumo Logic is not there yet. So that's something which I would love to see."
 

Pricing and Cost Advice

"It is highly scalable. It can be bought based on your requirements."
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
"I do not have any opinion on the pricing or licensing of the product."
"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
"We are on a three-year contract to use RSA NetWitness Network."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"The license pricing model is based on the events that are processed through the solution."
"Purchasing the solution through the AWS Marketplace is very easy."
"The product is costly."
"Purchasing Sumo Logic through the AWS Marketplace was a simple step."
"The pricing is good. It's not an issue for us."
"Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products."
"If we went to ELK Stack, which is open source, it would have been less costly, but it would have required more development from our side."
"The price scaling comes in a bit expensive."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
16%
Government
8%
Manufacturing Company
8%
Computer Software Company
16%
Financial Services Firm
11%
Government
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Sumo Logic Security?
Sumo Logic Security is a good solution for searching the logs and identifying the issues.
What is your experience regarding pricing and costs for Sumo Logic Security?
Storing logs in Sumo Logic Security is charged GB-wise, which is a little higher than other products.
What needs improvement with Sumo Logic Security?
Sumo Logic Security is expensive, and its pricing could be improved.
 

Also Known As

RSA ECAT, NetWitness Network
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

ADP, Ameritas, Partners Healthcare
Information Not Available
Find out what your peers are saying about NetWitness NDR vs. Sumo Logic Security and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.