Trellix Network Detection and Response and NetWitness NDR compete in the cybersecurity detection and response category. Trellix seems to have the upper hand due to its deep analysis and real-time response capabilities, while NetWitness is recognized for its broader visibility and ease of integration.
Features: Trellix Network Detection and Response offers comprehensive detection capabilities, zero-day vulnerability protection, and advanced sandboxing, integrating seamlessly with various security solutions for a unified approach. NetWitness NDR provides strong interoperability and visualization features, enabling easy network-to-endpoint pivoting and seamless platform integration.
Room for Improvement: Trellix could enhance cloud integration and VM customization alongside better network visibility and coordination with third-party solutions. NetWitness NDR needs improvement in threat detection, scalability, dashboard updates, and fraud detection features, along with better ServiceNow integration and licensing management.
Ease of Deployment and Customer Service: Trellix offers multiple deployment options, including on-premises and hybrid cloud, coupled with responsive customer service and solid technical support. NetWitness supports predominantly on-premises environments with good technical support but requires service responsiveness improvements.
Pricing and ROI: Trellix Network Detection and Response is viewed as a premium solution with high initial costs, but its threat prevention effectiveness and ROI justify the price. NetWitness NDR offers flexible pricing and licensing options suitable for various organization sizes, providing good value despite being seen as costly.
Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents.
The customer support for Trellix Network Detection and Response is great.
There should be improvements in AI intelligence, faster decision-making, and a more responsive technical support team.
I would like to see in Trellix Network Detection and Response more explanation about some details of the threat.
What makes Trellix Network Detection and Response stand out for me compared to other tools is the way you can detect threats. It is very easy and comfortable to use, and the detection shows clearly on the screen, which is very easy to understand.
Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch.
| Product | Market Share (%) |
|---|---|
| Trellix Network Detection and Response | 2.7% |
| NetWitness NDR | 3.1% |
| Other | 94.2% |
| Company Size | Count |
|---|---|
| Small Business | 10 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
| Company Size | Count |
|---|---|
| Small Business | 20 |
| Midsize Enterprise | 8 |
| Large Enterprise | 19 |
Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness NDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.
Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
