Top Rated NetWitness Platform Alternatives
22 NetWitness Platform Reviews
Overall Review Sentiment for NetWitness Platform
Log in to view review sentiment.
Great to get insights about the risk score and alerts and incidents give a broader picture on activity Review collected by and hosted on G2.com.
Dashboards could habe been a bit more pleasing to see. Nonetheless this will be achieved in the near future probably Review collected by and hosted on G2.com.
The best part the ueba and the latest soar capability which reduces multiple work heads collate under one umbrella. Review collected by and hosted on G2.com.
The complexity in the architecture, most of the issues which occur in environment requires lot of investigation to find the RCA. Review collected by and hosted on G2.com.
Availablity of out of the box usecases (Correlation rules, reports and dashboards). Network (packet) capture component and also have inbuilt EDR and UEBA components.
Good product documention.
New version is good. Review collected by and hosted on G2.com.
Application level HA is not there.
Support can be improved.
Migration from older versions. Review collected by and hosted on G2.com.
The way you can follow packets and the UI Review collected by and hosted on G2.com.
A lot of features and it's a bit overwhelming to use Review collected by and hosted on G2.com.
Log collection and event management, Incident investigation Review collected by and hosted on G2.com.
GUI console, RSS Hirarchay, log analysis, Review collected by and hosted on G2.com.
It is easy to use and packets is an added value Review collected by and hosted on G2.com.
The complexity of the devices specifically the Hybrid and the ESA appliances Review collected by and hosted on G2.com.
We like this tool at the gateway because it allows us to capture network data and transmit it to security and network staff. With that we have visibility, detection of threats and then mitigate them. I also like the friendly, intuitive interface and easy to administer and configure security rules. Review collected by and hosted on G2.com.
We have been using it for a long time and no one has reported any problems with using the RSA NetWitness Network. The tool offers great cost-benefit protection against simple and complex threats. Review collected by and hosted on G2.com.
1) Easy to use
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) Access simplifies authentication and credential management, helping to reduce IT support costs. With a conditional-access and risk-based approach, it ensures users are who they say they are and provides the right level of access from any device, across cloud and on-premises applications.
7) Two-Factor Authentication
The RSA token is a physical ‘pen’ that generates a random code every 60 seconds. This code is used, along with the RSA PIN number that you choose, in order to gain authentication for access to an account or server. The RSA token offers a two-factor authentication process that consists of:
‘Something you know’ – A four digit, memorised PIN number.
‘Something you have’ – The physical token, which generates a 6 or 8 digit code every 60 seconds.
8) it does greatly enhance login security. It’s useful for anyone who wants to use two-factor authentication.
9) Deliver convenient, secure access to your extended enterprise with RSA SecurID Access, the leading multi-factor authentication and identity assurance solution. Whether you deploy it as a service in the cloud or on premises, RSA SecurID Access protects both SaaS applications and traditional enterprise resources with a full range of authentication methods and dynamic, risk-driven access policies. Review collected by and hosted on G2.com.
1) Stolen Seeds?
Every RSA SecurID has a unique 128 bit key hardware coded into it, a 128 bit number is very long number, so it’s very hard to brute-force/guess what it is. This key is often referred to as the seed. RSA keep a copy of the seed unless the customer specifically tells them to remove it, RSA’s storage of SecurID seeds is what is suspected to have been compromised. Each SecurID issued to a customer is associated with a customer based RSA SecurID Server, which stores the seed number. The seed is in essence a private key which must be kept secret, even from the user, and is used to generate the challenge response number on the SecurID token, and is used to match it up on SecurID Server.
In simple terms, if an attacker were to know which SecurID token you had, based on the serial number on the back or from the customer site database; and assuming the attacker had the stolen RSA database of serial numbers and seed numbers, the attacker could generate the SecurID number without having possession of SecurID token, which defeats the purpose of two factor authentication.
2) However they are many factors and ‘ifs’ in play, assuming the attacker had the full RSA SecurID database in their possession, to be fully successful the attacker would need to obtain the username, password, remote gateway details and SecurID serial number. Most of this information would need to be collected from the user or from within the customer site. So phishing attacks, social engineering and network attacks are most likely ways to obtain such information, which is why RSA is providing warnings to be on the guard with such attacks. Review collected by and hosted on G2.com.
RSA is a superb vendor. They have been engaged with each of subsidiaries from the get-go. Review collected by and hosted on G2.com.
The learning curve is steep. The overall solution is a large effort to implement correctly. Review collected by and hosted on G2.com.
Overall ecosystem Netwitness create with all solutions which enrich each other and make a not so but perfect solution. Review collected by and hosted on G2.com.
Lack of additional apps like Splunk and Qradar Review collected by and hosted on G2.com.
