NetWitness NDR vs OpenText Core Endpoint Protection​ comparison

NetWitness NDR vs. OpenText Core Endpoint Protection

Download the complete report

Helped 900,747 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

As of June 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 3.8% compared to the previous year. The mindshare of NetWitness NDR is 0.9%, up from 0.3% compared to the previous year. The mindshare of OpenText Core Endpoint Protection is 1.6%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Mindshare Distribution
Product	Mindshare (%)
Cortex XDR by Palo Alto Networks	3.7%
OpenText Core Endpoint Protection	1.6%
NetWitness NDR	0.9%
Other	93.8%

Endpoint Protection Platform (EPP)

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

reviewer1799727

Manager, IT Security Operations at a non-profit with 11-50 employees

Reliable and good support but can be expensive

I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat intelligence feeds. We would like to have more IOCs or more trade intelligence to not only rely on the intelligence of the engineer in charge but to have some threat intelligence and some seeds of IOCs and to have the host have some artificial intelligence to reduce the number of false positives. I don't see this solution being very scalable. The solution is pricey.

Read full review

reviewer2584380

vCIO At Grove Networks Inc. at a computer software company with 11-50 employees

Improving threat detection is critical for enhanced protection

We use Webroot Business Endpoint Protection as a NextGen antivirus solution for our clients. It's included in the contract we have with our clients as a cost-effective option for antivirus protection Webroot Business Endpoint Protection is cost-effective for rolling it out to all of our clients,…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."

"I've found the solution to be highly scalable for enterprises."

"Once you become familiar with it, Cortex XDR by Palo Alto Networks is a more powerful tool and I would say that I prefer it over MDE because it is a stronger tool for me."

"Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."

"Palo Alto is the core of the security infrastructure in the environment."

"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."

"Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues."

"The most valuable aspect of Cortex XDR by Palo Alto Networks for me is its integration with AI detection, where we get to know the behavioral detection based on users, traffic patterns, and different services that we consume."

More Cortex XDR by Palo Alto Networks pros

"The interface of this solution is very flexible and easy to use."

"RSA NetWitness Endpoint has helped our organization from its many advantages and because it provides overall visibility of all of our endpoints within the enterprise network."

"The solution is stable."

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."

"The detection rate and tracking features including historical tracking, tracking of the fires on the desk, and tracking of the file last monitored are all quite valuable for us."

"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."

"It is very easy to use, and its usability is great."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

More NetWitness NDR pros

"It is an easy-to-use and easy-to-configure product."

"Their policy management, their cloud-based dashboard and user interface are very easy to navigate."

"We no longer have to worry about running scans as it is so lightweight and there is no user impact."

"It is very lightweight on the workstations, not slowing them down while still doing its job very well."

"Webroot Business Endpoint Protection is very scalable."

"The feature we found most valuable is the AI functionality for maintaining endpoint security, which is very powerful and has been useful over the last year."

"The solution has many features. It is very easy to define and set the policies based on the user groups, it does not take up a lot of resources in operation, and has provided us with a good track record of protection."

"We've not had any issues with scalability. If an organization needs to expand, they can do so quite easily."

More OpenText Core Endpoint Protection pros

Cons

"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."

"The solution should enhance the ADR and reporting."

"The negative aspect I see is the economic model used by Palo Alto."

"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."

"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."

"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."

"The encryption is not up to the mark."

More Cortex XDR by Palo Alto Networks cons

"The problem with this product is that it's a bit slow."

"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."

"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."

"I don't see this solution being very scalable."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"Threat detection could be better."

"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."

"The initial setup requires a high level of skill, then the setup is good and smooth."

More NetWitness NDR cons

"The only complaint I have with Webroot is its inability to prevent UoD phishing and its inability to check against bots or block anti-attacks. Plus the URL server is in zero-definition."

"The reporting is the weakest part of the Webroot console. Frequently, I export to Excel to massage something into it to pass on to others."

"The platform is mostly stable, however there are hiccups with the cloud from time-to-time that impact the ability to get to the portal."

"We were attacked by CryptoLock. It didn't protect us in the way we needed to and an attack was able to get through their defenses."

"Usually, when it comes to reliability, McAfee and Norton are at 99 percent. Webroot's percentage is lower. It is 94% reliable in terms of what it catches, but you're trading that percentage for customer satisfaction because your computer isn't being constantly told that it just blocked something, or it just did something."

"The console spins up relatively slowly, and some of the configuration items are obscure (e.g., reporting back one time per day is a default setting) and need to be tweaked."

"Webroot is very reactionary. It waits until the threat is active within memory to try and detect it. They need better pre-execution detection and prevention."

"It would be nice if it had a feature for automatically generating reports on the client end for device status, security status and backup information."

More OpenText Core Endpoint Protection cons

Pricing and Cost Advice

"Its pricing is kind of in line with its competitors and everybody else out there."

"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."

"I don't like that they have different types of licenses."

"Very costly product."

"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."

"I feel it is fairly priced."

"The pricing is a little bit on the expensive side."

"The tool's price is moderate."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"We are on a three-year contract to use RSA NetWitness Network."

"It is highly scalable. It can be bought based on your requirements."

"I do not have any opinion on the pricing or licensing of the product."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"It is an expensive product."

More NetWitness NDR pricing and cost advice

"It is relatively cheap."

"The solution doesn't cost too much. It's about 30 Euros a year for each endpoint. It's pretty affordable for us and for many other companies."

"I rate the product's pricing a three on a scale of one to ten, where one is cheap, and ten is expensive. There are no costs in addition to the product's standard licensing fees."

"The pricing is high."

"Our strategy was to overestimate the complexity and cost. It turned out that Webroot's assurance was justified."

"Its cost is not much per month. Our price is a couple of bucks a user."

"If you purchase for clients, then you are the managing billing entity. It's better to either get a monthly subscription check from your clients, or to prepay for the year (so as to not keep cash in reserve to pay the bill each month) IMHO."

"The solution is very cost-effective."

More OpenText Core Endpoint Protection pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

900,747 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Construction Company

12%

Financial Services Firm

11%

Manufacturing Company

10%

Comms Service Provider

Financial Services Firm

13%

Manufacturing Company

Construction Company

Computer Software Company

Construction Company

12%

Financial Services Firm

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	20
Large Enterprise	52

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	2
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	35
Midsize Enterprise	2
Large Enterprise	2

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

What is your experience regarding pricing and costs for Webroot Business Endpoint Protection?

Ask a question

Earn 20 points

Webroot Business Endpoint Protection is probably on the cheaper side, so I would rate their pricing a one or a two ou...

What needs improvement with Webroot Business Endpoint Protection?

Webroot Business Endpoint Protection needs to improve its ability to detect threats. It does not do what it's adverti...

What is your primary use case for Webroot Business Endpoint Protection?

We use Webroot Business Endpoint Protection as a NextGen antivirus solution for our clients. It's included in the con...

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Comparisons

Compared 10% of the time

SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Darktrace vs NetWitness NDR

Compared 5% of the time

Trellix Endpoint Security Platform vs NetWitness NDR

Compared 5% of the time

ServiceNow Security Operations vs NetWitness NDR

Compared 4% of the time

VMware Carbon Black Endpoint vs NetWitness NDR

Compared 3% of the time

Corelight Open NDR vs NetWitness NDR

Compared 3% of the time

More NetWitness NDR Competitors

Microsoft Defender for Endpoint vs OpenText Core Endpoint Protection

Compared 41% of the time

SentinelOne Singularity Endpoint vs OpenText Core Endpoint Protection

Compared 4% of the time

Huntress Managed EDR vs OpenText Core Endpoint Protection

Compared 4% of the time

Malwarebytes Teams vs OpenText Core Endpoint Protection

Compared 4% of the time

More OpenText Core Endpoint Protection Competitors

Product Reports

Cortex XDR by Palo Alto Networks

Download Cortex XDR by Palo Alto Networks product report

NetWitness NDR

Download NetWitness NDR product report

OpenText Core Endpoint Protection

Download OpenText Core Endpoint Protection product report

OpenText Core Endpoint Protection report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

RSA ECAT, NetWitness Network

Webroot SecureAnywhere Business Endpoint Protection

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

NetWitness NDR provides robust network security features, offering full visibility and effective incident response. Its seamless integration and user-friendly interface support malware detection and real-time threat tracking.

NetWitness NDR stands out for its comprehensive traffic details and compatibility across operating systems. It features a unified dashboard and lightweight installation, making it user-friendly without IT support. The system supports orchestration features and user behavior analytics. While deployment is somewhat modular and complex, it serves well for network security, malware analysis, and digital forensics. NetWitness integrates smoothly with third-party apps using its intuitive API, though improvements could be made in areas like SOAR integration, hunting features, and scalability, alongside addressing pricing and licensing complexities.

What are NetWitness NDR's Key Features?

Full Visibility: Offers comprehensive insight into network activities.
User-Friendly Interface: Simplifies navigation and management.
Real-Time Threat Tracking: Enables quick detection and action against threats.
Seamless Integration: Works easily with external applications and systems.
Unified Dashboard: Provides one-stop access to all security metrics.

What Benefits Should Users Look For?

Effective Malware Detection: Identifies and mitigates threats efficiently.
Flexible Deployment: Adapts to both on-premises and IT security needs.
Comprehensive Analytics: Offers detailed traffic and behavior analysis.
Ease of Use: Minimal need for IT support.

Banks and telecom companies utilize NetWitness NDR for detecting indicators of compromise, analyzing intrusion history, and providing risk scores. It functions as both a SIEM tool and a network forensic instrument, proving essential for sectors focused on network security and threat prevention.

NetWitness

OpenText Core Endpoint Protection offers cloud-managed endpoint security with AI integration, providing real-time protection and lightweight performance. It ensures low system impact, seamless cloud integration, and cost-effective security solutions for various devices.

OpenText Core Endpoint Protection is a comprehensive endpoint security platform utilized by managed-service providers for antivirus and firewall functionality across servers, workstations, and mobile devices. It employs AI for robust threat detection, integrating with cloud applications for real-time updates. Multi-layered security features include malware protection, network defense, and DNS protection. Although connectivity and threat reporting need improvement, this platform extensively supports remote device management and integrates efficiently with Active Directory policies.

What are the key features of OpenText Core Endpoint Protection?

Cloud Management: Centralized admin console for easy oversight
AI Integration: Enhanced threat detection capabilities
Lightweight Performance: Minimal impact on system resources
Real-time Threat Database: Constant updates for effective protection
Web Control Interface: Monitors and controls web traffic

What benefits are associated with OpenText Core Endpoint Protection?

Ease of Setup and Maintenance: Facilitates quick deployment and upkeep
Seamless Cloud Integration: Simplifies scalability and operation
Cost-Effectiveness: Affordable pricing with comprehensive features
Mobile Security Capabilities: Supports remote device management

OpenText Core Endpoint Protection finds application in industries requiring stringent data protection and peace of mind over device security. Managed-service providers implement this for comprehensive antivirus and firewall features, safeguarding multi-device networks. It is particularly useful for DNS protection and integrating with Active Directory policies, enabling secure yet flexible operations across sectors.

OpenText

Sample Customers

CBI Health Group, University Honda, VakifBank

ADP, Ameritas, Partners Healthcare

Mytech Partners

NetWitness NDR vs. OpenText Core Endpoint Protection