NetWitness NDR vs OpenText Core Endpoint Protection​ comparison

NetWitness NDR vs. OpenText Core Endpoint Protection

Download the complete report

Helped 885,264 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

As of March 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.5%, down from 4.0% compared to the previous year. The mindshare of NetWitness NDR is 0.7%, up from 0.3% compared to the previous year. The mindshare of OpenText Core Endpoint Protection is 1.3%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Mindshare Distribution
Product	Mindshare (%)
Cortex XDR by Palo Alto Networks	3.5%
OpenText Core Endpoint Protection	1.3%
NetWitness NDR	0.7%
Other	94.5%

Endpoint Protection Platform (EPP)

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

reviewer1799727

Manager, IT Security Operations at a non-profit with 11-50 employees

Reliable and good support but can be expensive

I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not only rely on the intelligence of the engineer in charge but to have some threat intelligence and some seeds of IOCs and to have the host have some artificial intelligence to reduce the number of false positives. I don't see this solution being very scalable. The solution is pricey.

Read full review

reviewer2584380

vCIO At Grove Networks Inc. at a computer software company with 11-50 employees

Improving threat detection is critical for enhanced protection

We use Webroot Business Endpoint Protection as a NextGen antivirus solution for our clients. It's included in the contract we have with our clients as a cost-effective option for antivirus protection Webroot Business Endpoint Protection is cost-effective for rolling it out to all of our clients,…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It integrates well into the environment."

"Stability is one of the features we like the most."

"There has been a significant reduction of approximately 70% to 80% in our internal MTTR and MTTD metrics, now around five to eight minutes whereas previously it was hours, which has helped tremendously."

"We use it for malicious connections from malicious websites, to identify payloads that might be inside the traffic, to identify malicious processes or bugs that are running on the network, and any activities that tend to lead to data infiltration."

"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."

"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."

"We can visualize and control the activities in the environment from anywhere."

"Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."

More Cortex XDR by Palo Alto Networks pros

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."

"The stability of the RSA NetWitness Endpoint is very good."

"I would recommend others to use RSA NetWitness Endpoint at this time because they have evolved from an MD to an EDR solution to an XDR solution."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

"This solution allows us to locate the malware in real-time."

"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."

"One of the most valuable features is the Orchestrator."

"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."

More NetWitness NDR pros

"The ability to generate profiles specific to both business groups and organizations has made managing nearly 1000 endpoints very simple."

"I like that Webroot is very lightweight, it didn't bog down the machine, and more importantly, it had heuristics artificial intelligence to some degree, where you have one endpoint recognizing issues because it maintains a cloud database, so if one client recognizes a threat, it would add it to the database, and almost immediately, every agent in the world would also know about that threat."

"The solution is very simple and straightforward to use."

"The most valuable aspect of the solution is the fact that it is a low profile environment as far as overhead on the machines."

"Customer Service: Top-of-the-line; the busy community as well. Technical Support: Top-of-the-line; the busy community as well."

"Speed"

"Auto-Remediation"

"The initial setup was straightforward. It took five minutes. I installed the solution myself."

More OpenText Core Endpoint Protection pros

Cons

"A little bit more automation would be nice."

"The solution needs better reports. I think they should let the customer go in and customize the reports."

"In general, the price could be more competitive."

"There are some limitations on the Traps agents."

"It would be good to have a better way to search for a file within the UI."

"The solution should force customers to integrate with network traffic to see the full benefits of XDR."

"Cortex XDR could improve its sales support team, including better commission structures and referral programs."

"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."

More Cortex XDR by Palo Alto Networks cons

"The solution doesn't have a reporting engine which would be helpful."

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."

"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."

"The initial setup requires a high level of skill, then the setup is good and smooth."

"The threat intelligence could improve in RSA NetWitness Endpoint."

"RSA NetWitness Network could improve on integration with non-native application integration."

"The problem with this product is that it's a bit slow."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

More NetWitness NDR cons

"Unified threat management (UTM) integration."

"Since they're dealing with multi-core environments now, the best option would be for them to enhance the product so that the product can automatically do an assessment on the machine."

"Reporting system could be improved."

"This product has room for improvement to display a more detailed representation of the problem when a virus is or isn't stopped."

"We need to know more details about how the virus interacted with the computer."

"It would be great if there was a feature which would allow you to scan an individual file on an endpoint user's computer."

"We need to have a stronger defense against CryptoLock and other attackers."

"One of the biggest pain points is that it's not really ransomware-oriented. They will be able to catch some, but that's where Sentinel One is a better player compared to Webroot."

More OpenText Core Endpoint Protection cons

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."

"It is "expensive" and flexible."

"I don't recall what the cost was, but it wasn't really that expensive."

"The price is on the higher side, but it's okay."

"Compared to CrowdStrike, Cortex XDR is an expensive solution."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"Cortex XDR's pricing is ok."

"It has reasonable pricing for the use cases it provides to the company."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"We are on a three-year contract to use RSA NetWitness Network."

"I do not have any opinion on the pricing or licensing of the product."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"It is highly scalable. It can be bought based on your requirements."

More NetWitness NDR pricing and cost advice

"We evaluate other options using multiple choices, best value, management and functionality."

"The solution doesn't cost too much. It's about 30 Euros a year for each endpoint. It's pretty affordable for us and for many other companies."

"Our strategy was to overestimate the complexity and cost. It turned out that Webroot's assurance was justified."

"Webroot Business Endpoint Protection is not too expensive. My licenses cost me between $300 and $400. It is really good price wise."

"I rate the product's pricing a three on a scale of one to ten, where one is cheap, and ten is expensive. There are no costs in addition to the product's standard licensing fees."

"With Webroot Business Endpoint Protection, I can select a yearly billing cycle."

"It is relatively cheap."

"I can't recall the exact pricing, but I believe there is a monthly fee of $20-30 per user."

More OpenText Core Endpoint Protection pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

885,264 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

Computer Software Company

Financial Services Firm

Comms Service Provider

Computer Software Company

Financial Services Firm

Manufacturing Company

Outsourcing Company

Computer Software Company

Performing Arts

Comms Service Provider

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	44
Midsize Enterprise	20
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	2
Large Enterprise	5

By reviewers
Company Size	Count
Small Business	35
Midsize Enterprise	2
Large Enterprise	2

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

What is your experience regarding pricing and costs for Webroot Business Endpoint Protection?

Ask a question

Earn 20 points

Webroot Business Endpoint Protection is probably on the cheaper side, so I would rate their pricing a one or a two ou...

What needs improvement with Webroot Business Endpoint Protection?

Webroot Business Endpoint Protection needs to improve its ability to detect threats. It does not do what it's adverti...

What is your primary use case for Webroot Business Endpoint Protection?

We use Webroot Business Endpoint Protection as a NextGen antivirus solution for our clients. It's included in the con...

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Comparisons

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Trellix Endpoint Security Platform vs NetWitness NDR

Compared 6% of the time

Darktrace vs NetWitness NDR

Compared 6% of the time

ServiceNow Security Operations vs NetWitness NDR

Compared 4% of the time

ExtraHop Reveal(x) vs NetWitness NDR

Compared 4% of the time

Tanium vs NetWitness NDR

Compared 2% of the time

More NetWitness NDR Competitors

Microsoft Defender for Endpoint vs OpenText Core Endpoint Protection

Compared 32% of the time

Huntress Managed EDR vs OpenText Core Endpoint Protection

Compared 6% of the time

SentinelOne Singularity Complete vs OpenText Core Endpoint Protection

Compared 5% of the time

CrowdStrike Falcon vs OpenText Core Endpoint Protection

Compared 4% of the time

Malwarebytes Teams vs OpenText Core Endpoint Protection

Compared 4% of the time

More OpenText Core Endpoint Protection Competitors

Product Reports

Cortex XDR by Palo Alto Networks

Download Cortex XDR by Palo Alto Networks product report

NetWitness NDR

Download NetWitness NDR product report

OpenText Core Endpoint Protection

Download OpenText Core Endpoint Protection product report

OpenText Core Endpoint Protection report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

RSA ECAT, NetWitness Network

Webroot SecureAnywhere Business Endpoint Protection

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

NetWitness

OpenText Core Endpoint Protection offers cloud-managed endpoint security with AI integration, providing real-time protection and lightweight performance. It ensures low system impact, seamless cloud integration, and cost-effective security solutions for various devices.

OpenText Core Endpoint Protection is a comprehensive endpoint security platform utilized by managed-service providers for antivirus and firewall functionality across servers, workstations, and mobile devices. It employs AI for robust threat detection, integrating with cloud applications for real-time updates. Multi-layered security features include malware protection, network defense, and DNS protection. Although connectivity and threat reporting need improvement, this platform extensively supports remote device management and integrates efficiently with Active Directory policies.

What are the key features of OpenText Core Endpoint Protection?

Cloud Management: Centralized admin console for easy oversight
AI Integration: Enhanced threat detection capabilities
Lightweight Performance: Minimal impact on system resources
Real-time Threat Database: Constant updates for effective protection
Web Control Interface: Monitors and controls web traffic

What benefits are associated with OpenText Core Endpoint Protection?

Ease of Setup and Maintenance: Facilitates quick deployment and upkeep
Seamless Cloud Integration: Simplifies scalability and operation
Cost-Effectiveness: Affordable pricing with comprehensive features
Mobile Security Capabilities: Supports remote device management

OpenText Core Endpoint Protection finds application in industries requiring stringent data protection and peace of mind over device security. Managed-service providers implement this for comprehensive antivirus and firewall features, safeguarding multi-device networks. It is particularly useful for DNS protection and integrating with Active Directory policies, enabling secure yet flexible operations across sectors.

OpenText

Sample Customers

CBI Health Group, University Honda, VakifBank

ADP, Ameritas, Partners Healthcare

Mytech Partners

NetWitness NDR vs. OpenText Core Endpoint Protection