Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs RSA enVision comparison

NetWitness and RSA are both solutions in the Security Information and Event Management (SIEM) category. NetWitness is ranked #32 with an average rating of 8.0, while RSA is ranked #33 with an average rating of 8.0. NetWitness holds a 0.6% mindshare in SIEM, compared to RSA’s 0.3% mindshare. Additionally, 75% of NetWitness users are willing to recommend the solution, compared to 83% of RSA users who would recommend it.
NetWitness Platform
Read 37 NetWitness Platform reviews
  • 1,067 Views
  • 682 Comparison Views
75% willing to recommend
RSA enVision
Read 6 RSA enVision reviews
  • 516 Views
  • 396 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and RSA enVision are widely recognized in the realm of cybersecurity. Based on user reviews, NetWitness Platform excels in scalability and flexibility, whereas RSA enVision is preferred for its feature-rich offerings that provide comprehensive security insights.

Features: NetWitness Platform is praised for its advanced threat detection and investigation capabilities, while also being commended for its scalability and flexibility. RSA enVision is valued for its detailed log management, comprehensive reporting features, and extensive security insights.

Room for Improvement: Users suggest improving the complexity and learning curve associated with NetWitness Platform and the user interface. RSA enVision users mention the need for more streamlined integration processes, better customer support, and enhanced user interface experience.

Ease of Deployment and Customer Service: Users appreciate the relatively simple deployment model and customer service of NetWitness Platform. In contrast, RSA enVision faces criticism for cumbersome deployment processes and inconsistent support experiences.

Pricing and ROI: NetWitness Platform is seen as cost-effective with favorable ROI, whereas RSA enVision is perceived as expensive but justified by its comprehensive features. Although RSA enVision demands a higher upfront setup cost, NetWitness Platform's balance of cost and functionality is highly regarded.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed NetWitness Platform vs. RSA enVision Report (Updated: April 2025).
Buyer's Guide
NetWitness Platform vs. RSA enVision
April 2025
Download the complete report
Helped 851,604 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
32nd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (38th)
RSA enVision
Ranking in Security Information and Event Management (SIEM)
33rd
Average Rating
7.2
Reviews Sentiment
6.7
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Security Information and Event Management (SIEM) category, the mindshare of NetWitness Platform is 0.6%, down from 0.8% compared to the previous year. The mindshare of RSA enVision is 0.3%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

MdZaman - PeerSpot reviewer
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.
Read full review
SF
Support both French and English, which is important for us and adapted to the evolving security landscape over time in my experience
You need a skilled engineer to deploy it because you can do anything with this tool. You can see everything on the network. A good engineer will be surprised and have fun using this tool because it's very powerful. Deployment process: You need to build a recipe/layout when you want to deploy something. Once the recipe is done, you just have to copy it. So you really need a good engineer at first, but then any other technician can copy the recipe. You don't need to be an expert once the recipe is finalized. So, once you have it set up, it's easy to deploy. But you need a good engineer to deploy it correctly. You will get alerts from the system, but if you want to fully explore and maximize the tool, the engineering needs are different.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"NetWitness Platform is valuable for creating rules that the solution must detect."
"NetWitness can be highly beneficial for incident detection and response."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"Performance and reporting are very good."
"It's quite economical compared to other solutions in the market."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Incident management is its most valuable feature."
More NetWitness Platform pros
"The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten."
"The most valuable feature is the management features. It's capable of managing large enterprises."
"We developed around this solution and received excellent support from the company."
"The most valuable feature of this solution is the reporting."
 

Cons

"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"The product's licensing models are complex to understand. This particular area needs improvement."
"An area for improvement would be better automation and more inbuilt use cases."
"More customizability is required, which is something that they need to improve on."
"We have encountered issues with unresolved crashes."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
More NetWitness Platform cons
"Licensing could be improved to be more oriented towards Managed Service Providers (MSPs)."
"RSA enVision log manager is out of date and is not in use anymore."
"In general, the solution currently isn't user-friendly."
"The integration could be easier, it should support more products."
 

Pricing and Cost Advice

"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"Compared to the competition, the is price is not that high."
"We are on an annual license for the use of the solution."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"It’s cheaper to run virtual machines in a VMware environment."
"The product price was reasonable for my region and the market."
More NetWitness Platform pricing and cost advice
"We no longer pay a licensing fee because it is out of date and don't pay for support."
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing a six."
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
851,604 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
17%
Government
6%
Insurance Company
6%
Manufacturing Company
13%
Computer Software Company
11%
Comms Service Provider
9%
Educational Organization
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
What do you like most about RSA enVision?
The configuration part is very easy...The technical support was sincere in their responses...I rate the technical support a nine out of ten.
See all answers
What needs improvement with RSA enVision?
Licensing could be improved to be more oriented towards Managed Service Providers (MSPs). Perhaps offering different types of licensing would be beneficial, as it can be expensive for industries wi...
See all answers
What advice do you have for others considering RSA enVision?
Overall, I would rate it a nine out of ten. I recommend using it, but it also depends on the needs and the budget. If I still had my company, I think we would continue using RSA enVision. However, ...
See all answers
 

Comparisons

Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 23% of the time
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 17% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 13% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 10% of the time
Cisco Secure Network Analytics vs NetWitness Platform Logo
Cisco Secure Network Analytics vs NetWitness Platform
Compared 8% of the time
More NetWitness Platform Competitors
Splunk Enterprise Security vs RSA enVision Logo
Splunk Enterprise Security vs RSA enVision
Compared 34% of the time
IBM Security QRadar vs RSA enVision Logo
IBM Security QRadar vs RSA enVision
Compared 32% of the time
More RSA enVision Competitors
 

Product Reports

Buyer's Guide
NetWitness Platform
May 2025
NetWitness Platform reportDownload NetWitness Platform product report
Buyer's Guide
Security Information and Event Management (SIEM)
May 2025
RSA enVision reportDownload RSA enVision product report
 

Also Known As

RSA Security Analytics
No data available
 

Overview

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness

RSA enVision is a comprehensive security information and event management (SIEM) solution offered by RSA, a leading provider of cybersecurity solutions. It enables organizations to collect, analyze, and manage security event data from various sources, providing real-time visibility into their IT infrastructure. With RSA enVision, organizations can proactively detect and respond to security incidents, ensuring the protection of critical assets and sensitive data. 

The solution offers a wide range of features, including log management, event correlation, threat intelligence, and compliance reporting. One of the key strengths of RSA enVision is its ability to collect and normalize data from diverse sources, such as network devices, servers, applications, and databases. This allows organizations to gain a holistic view of their security posture and identify potential threats or vulnerabilities. 

The event correlation capabilities of RSA enVision enable the detection of complex attack patterns and the identification of potential security incidents. By analyzing events in real-time and correlating them with historical data, the solution can provide actionable insights and alerts to security teams, enabling them to respond quickly and effectively. RSA enVision also offers advanced threat intelligence capabilities, leveraging machine learning and behavioral analytics to identify anomalous activities and potential indicators of compromise. This helps organizations stay ahead of emerging threats and proactively mitigate risks. 

RSA enVision provides comprehensive compliance reporting capabilities, helping organizations meet regulatory requirements and demonstrate adherence to industry standards. The solution offers pre-built compliance reports for various regulations, such as PCI DSS, HIPAA, and GDPR, simplifying the audit process and reducing compliance-related costs. In summary, RSA enVision is a powerful SIEM solution that enables organizations to effectively manage their security events, detect and respond to threats, and meet compliance requirements. 

With its robust features and capabilities, it provides organizations with the necessary tools to enhance their cybersecurity posture and protect their critical assets.

RSA
 

Sample Customers

Los Angeles World Airports, Reply
BPS (SUISSE), Hypovereinsbank Germany, MAX Hamburgers, Infoplex, Neotel, Telus
Buyer's Guide
NetWitness Platform vs. RSA enVision
April 2025
Free Report: NetWitness Platform vs. RSA enVision
Find out what your peers are saying about NetWitness Platform vs. RSA enVision and other solutions. Updated: April 2025.
DOWNLOAD NOW
851,604 professionals have used our research since 2012.
See our NetWitness Platform vs. RSA enVision report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.