Vectra AI Reviews

Name: Vectra AI
Brand: Vectra AI
Rating: 4.3 (44 reviews)

Vendor: Vectra AI

4.3 out of 5

44 reviews
97% willing to recommend

2,305 followers

Start review

What is Vectra AI?

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Get the Vectra AI Buyer's Guide and find out what your peers are saying about Vectra AI, Darktrace, Splunk User Behavior Analytics and more!

Vectra AI is the #2 ranked solution in top Network Detection and Response (NDR) solutions, #3 ranked solution in top Intrusion Detection and Prevention Software, #6 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #10 ranked solution in top Identity Threat Detection and Response (ITDR) solutions, and #15 ranked solution in XDR Security products. PeerSpot users give Vectra AI an average rating of 8.6 out of 10. Vectra AI is most commonly compared to Darktrace: Vectra AI vs Darktrace. Vectra AI is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.

Helped 848,253 peers since 2012

Featured Vectra AI reviews

Mohammad Alkurdi

Owner at Fortibits

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

reviewer1439937

Operational Security Manager at a financial services firm with 1,001-5,000 employees

Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM. I am in contact with the Vectra team, if not weekly then on a monthly basis, to propose improvements. For the time being, the main improvement I can see would be to integrate with more external solutions. Since Vectra provides an API, that should be quite easy to handle. For example, we're using an open source ticketing system within our team and I want to have it handled properly by Vectra. We'll go forward on that with the API. Another area for improvement that I have pinpointed is that the Office 365 solution and the Detect solution cannot match the same users. That means we have two "different worlds" currently, the world from Office 365, which is bringing alerts based on users' emails and email addresses. And we have the network world, which is bringing an Active Directory view. On the one hand we are seeing emails or email addresses, and on the other hand we are seeing things like logons on to the domain controller. From time to time, it does not match and the tool cannot currently cross-check this info and consolidate everything. I would like to be able to see that detection related to one workstation and covering a user: what he is using, what services he is using, and what he did with his Office 365 and configuration. That would help. Another major feature would be to have all logs pushed to Cognito Detect, and all these logs should be also pushed to Recall. Currently, within Recall, I can't call up the Office 365 detections and I would love to do so. The last point would be an automated IoT threat feed consumption by the tool.

Read full review

Dave Wallace

Operations Manager at a healthcare company with 51-200 employees

An attractive thing about Vectra AI is the AI component that it has over the top of the detections. It will run intelligence over detections coming across in our environment and contextualize them a bit and filter them before raising them as something that the IT team or SOC need to address. While the device itself is deployed on-prem, the hybrid nature of what it can monitor is important to us. Its ability to group detections for us in an easier way to better identify and investigate is beneficial. It also provides detailed descriptions on the detection, which reduces our research time into what the incident is. There are also some beneficial features around integration with existing products, like EDR, Active Directory, etc., where we can get some hooks to use the Vectra product to isolate devices when threats are found. On a scale of good to bad, Vectra AI is good at having the ability to reduce alerts by rolling up numerous alerts to create a single incident or campaign for investigation. My frame of reference is another product that we had beforehand, which wasn't very good at this side of things. Vectra AI has been a good improvement in this space. In our pretty short time with it so far, Vectra AI has done a lot to reduce the noise and combine multiple detections into more singular or aggregated alerts that we can then investigate with a bit more context. It has been very good for us. There is a level of automation that takes place where we don't have to write as many rules or be very specific around filtering data. It starts to learn, adapt, and automate some of the information coming in. It works by exception, which is really good. Initially, you get a little bit more noise, but once it understands what is normal in your environment, some of the detections are based on whether an action or activity is more than usual. It will then raise it. Initially, you are getting everything because everything is more than nothing, but now we are not getting much of that anymore because the baseline has been raised for what it would expect to see on the network. We use the solution’s Privileged Account Analytics for detecting issues with privileged accounts. Privileged accounts are one of the biggest attack vectors that we can protect ourselves against. This is one of the few solutions that gives you true insight into where some of those privileged accounts are being used and when they are being used in an exceptional way. We have found that Vectra AI captures network metadata at scale and enriches it with security information. We have seen that data enriched with integrations has been available and implemented. This comes back to the integration of our EDR solution. It is enriching its detection with existing products from our EDR suite, and probably some other integrations around AWS and Azure. In the future, we will see that improve even further. One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.

Read full review

Vectra AI mindshare

Product category:

As of April 2025, the mindshare of Vectra AI in the Intrusion Detection and Prevention Software (IDPS) category stands at 11.3%, up from 10.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

PeerAnalyst reports based on Vectra AI reviews

Type	Title	Date
Category	Intrusion Detection and Prevention Software (IDPS)	Apr 19, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 19, 2025	Download
Comparison	Vectra AI vs Darktrace	Apr 19, 2025	Download
Comparison	Vectra AI vs Check Point IPS	Apr 19, 2025	Download
Comparison	Vectra AI vs Fortinet FortiGate IPS	Apr 19, 2025	Download

Title	Rating	Mindshare	Recommending
Darktrace	4.1	19.5%	94%	78 interviews Add to research
Splunk User Behavior Analytics	4.1	2.1%	100%	23 interviews Add to research

Valuable Features

Vectra AI's most valuable features include its ability to pinpoint critical events and reduce alert fatigue by correlating multiple alerts into single incidents. It provides instant visibility across network traffic, enriched with AI-driven security insights. Users appreciate its integration with existing systems like SIEM and Office 365 for comprehensive threat detection. The platform enhances efficiency by managing a variety of detections, improving threat prioritization, and offering robust analytics to reduce false positives.

"There are many detection features available."
"Most of their use cases, including deployment, are managed by the tool itself, requiring less manual input from our team."
"The initial setup was pretty straightforward."

Room for Improvement

Vectra AI users mention integration, reporting, and visibility as areas for improvement. They seek better orchestration, enhanced syslog data, and clearer insights into host activities. Users express a desire for more user-friendly customization and reduced false positives. The need for better documentation, more flexible architecture, on-prem processing options, stronger external integration, streamlined licensing, and improvements in Office 365 alignment is also highlighted for more effective cybersecurity management.

"The advantages of the integration are not entirely out-of-the-box. You have to do it manually."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."

ROI

Vectra AI reduces response time to attacks and enhances security, generating cost-efficiency compared to alternatives. It decreases the security team's workload, improves incident response, and supports risk mitigation. Organizations experience efficiency boosts and incident detection improvements. Despite some challenges measuring monetary ROI, users report enhanced security operations and risk reduction, leading to financial savings during potential attacks and comparisons to previous tools. Deployment often results in rapid benefits and cost savings during threat scenarios.

Pricing

Enterprise users have mixed experiences with Vectra AI's pricing and licensing. Most agree it is on the higher side, but they find it competitive compared to solutions like Darktrace. Vectra AI's licensing is based on IP addresses, with options for additional features like Cognito Recall and Stream. While some users find the pricing structure straightforward, others feel it's complex due to charges for extra services. Despite the costs, many believe the value justifies the price.

"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"The licensing is on an annual basis."
"Vectra AI's pricing is cheaper than that of Darktrace."

Popular Use Cases

Organizations use Vectra AI primarily for network visibility and threat detection. Its key functions include identifying suspicious behaviors, analyzing network traffic, and alerting on potential security threats. The platform assists in threat hunting, incident response, and compliance monitoring. Vectra AI is deployed across various environments, integrating seamlessly with existing systems, and enhancing overall security measures by providing insights into complex attack patterns, thereby helping entities mitigate risks efficiently.

Service and Support

Vectra AI's customer service and support are highly praised for their responsiveness and technical expertise. Users consistently receive quick assistance, often within a few hours, and appreciate the knowledgeable staff. The support team effectively solves problems, provides training, and incorporates user suggestions. It is noted that Vectra AI maintains strong communication and a personalized approach, ensuring customer needs are met. Some feedback mentions rare instances of longer response times or communication gaps, but satisfaction remains high.

Deployment

Users found Vectra AI's initial setup to be straightforward, often described as plug-and-play. Some reported configuration complexities, particularly with architecture planning and scoping, which required time and expertise. Despite varying experiences with deployment duration, most managed to complete the setup within days to weeks. Support from Vectra AI was generally highlighted as effective. Deployment included considerations for both physical and virtual environments, with emphasis on monitoring priority areas.

Scalability

Reviewers indicate Vectra AI is highly scalable, supporting deployments with thousands of devices across diverse environments. Users appreciate its manageable architecture, virtual sensor deployment capability, and flexibility for cloud integration, though initial setup requires careful planning. Scalability options allow expansion with additional sensors and appliances, ensuring performance across various sizes and needs. While some mention hardware limitations, many acknowledge future improvements are planned, making it suitable for growing companies.

Stability

Users report Vectra AI offers strong stability. Initially, some experienced hardware-related issues, but after resolution, it has operated reliably. Regular automatic updates maintain performance, requiring minimal maintenance effort. Few have faced minor issues, manageable by alert systems. While a small number mention delays or hardware issues, most describe it as dependable, with no downtime or significant concerns. Reporting confirms Vectra AI as a stable, robust tool suitable for varied environments.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Vectra AI Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

Government

Healthcare Company

University

Retailer

Real Estate/Law Firm

Comms Service Provider

Educational Organization

Non Profit

Energy/Utilities Company

Insurance Company

Legal Firm

Construction Company

Outsourcing Company

Transportation Company

Media Company

Writing And Editing Position

Wholesaler/Distributor

Hospitality Company

Performing Arts

Recreational Facilities/Services Company

Pharma/Biotech Company

Consumer Goods Company

Marketing Services Firm

Compare Vectra AI with alternative products

Learn more about Vectra AI

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Vectra AI was previously known as Vectra Networks, Vectra AI NDR.

Vectra AI customers

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association