PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews for the Top 8 Network Detection and Response (NDR) Tools here, to help you decide which solution is best for you.
Below, users compare and give feedback on Network Detection and Response (NDR) Tools that they’ve used — based on product reviews, ratings, and comparisons.
#1 Darktrace
Darktrace was ranked as the #1 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give Darktrace an average rating of 8 out of 10.
PeerSpot user Victor I., Director Comercial México at Aubay, explains that the product is all inclusive, saying it is “A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support.”
Imad A., Group IT Manager at a manufacturing company, says, "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
A Founder and Director at a tech services company comments, "In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
Another reviewer, a Senior Security & Infrastructure Architect at a retailer, praises the solution, saying its “Built-in AI analytics helps give you total visibility of your architecture assets.”
#2 Vectra AI
Vectra AI was ranked as the #2 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give Vectra AI an average rating of 10 out of 10.
An Operational Security Manager at a financial services firm comments, "The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
PeerSpot user Dave W., Operations Manager at a healthcare company, says, "One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
In addition, a Senior Security Engineer at a manufacturing company expresses that the solution is “Easy to deploy and maintain, gives us ML, AI, and custom detection options for rule detection, and saves storage cost and time.”
#3 Cisco Stealthwatch
Cisco Stealthwatch was ranked as the #3 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give Cisco Stealthwatch an average rating of 8 out of 10.
An Enterprise Information Security Architect at an agriculture firm exclaims that the solution “Provides valuable security knowledge and helps us improve network performance.”
Another reviewer, a Senior Security Engineer at a tech services company, says that the product has plenty of add-ons, helpful support, and beneficial network visibility. He explains that "Cisco Stealthwatch has predefined alerts for different types of security issues that might happen in the network. Whether it's PCs or servers that are used for botnets or Bitcoin mining we receive the alerts automatically. This functionality is what we receive from the solution out of the box."
Mark L., Airway Transportation Service Specialist at Federal Aviation Administration, also talks about how the solution has allowed his company to effectively monitor network traffic and analyze anomalies. He likes that “you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
#4 Awake Security Platform
Awake Security Platform was ranked as the #4 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give Awake Security Platform an average rating of 8 out of 10.
A Chief Technology Officer at a financial services firm says it's much easier to create your own queries and hunt for threats using Awake Security Platform. He explains his personal experience: "When I create a workbench query in Awake to do threat hunting, it's much easier to query. You get a dictionary popup immediately when you try to type a new query. It says, "You want to search for a device?" Then you type in "D-E," and it gives you a list of commands, like device, data set behavior, etc. That gives you the ability to build your own query."
Another PeerSpot reviewer, a Head of Information Security at an engineering company praises the solution, saying it gives his company network layer visibility into things that may not be covered by other monitoring tools, such as shadow IT. He goes on to say "The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that."
#5 ExtraHop Reveal(x)
ExtraHop Reveal(x) was ranked as the #5 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give ExtraHop Reveal(x) an average rating of 10 out of 10.
PeerSpot user Dawid V., Sales Engineer/Technical Sales/Pre-Sales at SUSE, says ExtraHop Reveal(x) “Enables users to make an informed decision to mitigate performance or security incidents.”
Another user, a Head of Network Services at a tech services company, claims, “Setting up the solution is relatively easy." He also says it has extensive documentation and good stability.
#6 Blue Hexagon
Blue Hexagon was ranked as the #6 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give Blue Hexagon an average rating of 8 out of 10.
A Director, Security Innovation at an insurance company explains that it “Provides contextual alerts and risk ratings on findings. As part of that, they gather a lot of threat intelligence and map your connections against that. The larger benefit is that they give you a risk rating on their findings."
#7 RSA NetWitness Network
RSA NetWitness Network was ranked as the #7 Network Detection and Response (NDR) Tool of 2022. PeerSpot users give RSA NetWitness Network an average rating of 8 out of 10.
A PeerSpot user, a Manager, Soc, points out which feature they like, best saying, "The log correlation is good."
Maged M., Security Consultant at Global Solutions, mentions that the solution has “Great visualizations, is stable, and easy to use and deploy.”
#8 IronNet IronDefense
IronNet IronDefense was ranked as the #8 Network Detection and Response (NDR) Tool of 2022.
A Founder and CEO at a tech services company says, “The most valuable feature is the ease of use and the full reach of services."
